On Tue, 18 Jan 2005 13:11:15 -0800, Nifty Hat Mitch <mitch48@xxxxxxxxxxxxx> wrote: > On Mon, Jan 17, 2005 at 12:37:16PM -0500, fly over wrote: > > > I have assigned a tough task on FC 3 platform. the prob > > definition is to setup a Network Login n FC 3 using NIS , DNS and > > NFS. I have 3 p cs small network all running FC 3. If i create > > the user on a 1 pc and then create some files on the same pc, > > then on other system i should have ability to login and all the > > created file should be available there. > > > Break this into three tasks. > authentication (use NIS or perhaps LDAP) > authentication and NIS is a security tangle > do your homework. Make sure your firewall > does the right thing or hackers can see stuff > you do not want seen. LDAP can be a pain to set up for authentication but might be worth the trouble since it can be configured for better security. At least use tcpwrappers and I have heard but never tried this: http://www.math.ualberta.ca/imaging/snfs/README.NIS At the very least take a look at RH's own docs. http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/s1-server-nis.html > > host name to IP address mapping (DNS, or NIS) > it is possible to have NIS and DNS both > provide host name/ IPaddress mapping > make sure that: files, DNS, NIS all agree. Uh, I would typically stick with just DNS but that is perhaps the cheap way out. > > file system and data sharing (use NFS). > this may involve a data dir, applicatin dir and/or user > home dirs. Make sure that only hosts you trust can mount > these resources. UID control and other securtity concerns > can matter. > Secure NFS via SSH tunneling or at least wrap that rascal with tcpwrappers even if you are behind a good firewall. http://www.math.ualberta.ca/imaging/snfs/ What you have been handed is a great opportunity. One that I myself have had handed to me a couple of times but usually with bosses on my head to do a certain way. Let me say that putting together a good dns server or file server layout with nfs or samba is one of the simple joys of sysadmin'ing for me. Good luck.
