Eric wrote on Monday 18 June 2007: > What is the "right" way to synchronize passwords between hosts? I would say NIS or LDAP, but those are services which provide authentication over network. NIS is rather easy to manage but if you like it more painful (and more secure) you can try LDAP. ;-) > There are two machines set up, one FC6 and one F7, and I'd like any > password changes on one to also show up on the other. Another option would be: use rsync + ssh with public key authentication to copy passwd+shadow from one host to another. But it will not "sychronize" changes, it will simply overwrite user and password information. If both machines have homogeneous users AND services it might work. There are several system accounts which will be affected with this approach. I would NOT recommend it. > Does it make sense to try to NFS-mount /etc/shadow from one machine on > the other? You can't mount a single file, only directories. You would rather have to mount whole /etc, which clearly is a dodgy idea for anything besides diskless workstations. Would ssh and public key authentication not be enough for you? What do you need it for? -- bye, Adalbert Prokop If the grass is greener on other side of fence, consider what may be fertilizing it.
