managing user accounts without NIS

Donald Becker becker at scyld.com
Sun May 21 00:31:38 PDT 2000


On Sun, 21 May 2000, dwight wrote:

> Victor Ortega wrote:
> 
> > NIS and NFS are insecure and incur performance penalties.  I'm looking
> > for better alternatives.  My idea of setuid-root wrappers (using rsync
> > for distribution of relevant files) already provides a more secure,
> > high-performance, high-availability alternative; I just want to make
> > sure that there isn't something better out there already, and that I'm
> > not overlooking some potential security hole.
> 
> Just using rsync per se might well subject you to a man-in-the-middle
> attack, or a spoofing attack. ssh/scp would be a better tool.

An important element of Beowulf clusters is that they have a private,
protected internal network.  There is no possible spoofing attack.  'Ssh'
imposes a large performance burden for its security.

Donald Becker				becker at scyld.com
Scyld Computing Corporation
410 Severn Ave. Suite 210
Annapolis MD 21403







More information about the Beowulf mailing list