On 2001-11-07 21:13, Steve Shorter <steve@nomad.tor.lets.net> wrote: > On Wed, Nov 07, 2001 at 07:02:09PM -0700, David Bear wrote: > > I need to sync /etc/passwd and /etc/group among multiple machines. I was > > thinking ldap would be a good method but am concerned about > > > > 1) the most secure way to do it > > 2) the most stable > > 3) things I don't know about this but should... > > > > any pointers to man pages/docs would be appreciated. > > Hmm... how about rsync? /usr/ports/net/rsync > -steve After reading a nice paper by Val Henson[1] I'm not so sure I'd trust sensitive information like password data to rsync without making sure that compare-by-hash is disabled if at all possible. There are other ways to use a common authentication server, shared by many machines. Kerberos and NIS or NIS+ are good examples. At least better than a ``blind copy'' of password files with rsync. Giorgos. --- References --- [1] Val Henson, "An Analysis of Compare-by-hash". In Proceedings of "HotOS IX: The 9th Workshop on Hot Topics in Operating Systems", pp. 13-18. [ http://www.nmt.edu/~val/review/hash.html ] _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"