Re: Obtaining NIS domainname from Gatorbox

[mouse () Collatz McRCIM McGill EDU (der Mouse)]

> > [Gatorboxes...no user password...tell you the NIS domainname]

> Maybe a good reason to join the crowd and not run NIS?

I wish.  It's clear to me that NIS is a big problem.  But what else is
out there?  We have a definite need to share passwd databases across
many machines, from multiple vendors, none of which we have source code
to.  How close to a solution can we get?

Would it work to simply find/write replacements for login and passwd
that use something less hopelessly insecure, and then, for the benefit
of the numerous vendor binaries that expect to use getpw*(), provide a
small stupid interface that looks like an NIS server but gets its data
from the real database (and doesn't hand out even hashed passwords to
clients who cannot be verified as privileged)?  Or do login and passwd
do too much undocumented vendor-specific stuff?

(I'd also _really_ like to change the password hashing algorithm.  The
traditional tweaked-DES one just isn't strong enough for comfort any
longer.  And if login and passwd are being replaced....)

                                        der Mouse

                            mouse () collatz mcrcim mcgill edu