System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Shadow password files with NIS

SOLVED
Go to solution
Dave Johnson_1
Super Advisor

Shadow password files with NIS

I currently have several HP-UX servers setup with NIS. Some of them are running 11.11, others are running 11.23. Every year we get dinged for not using shadow password files. We have a very small number of users that can even get to a command prompt so we have not worried about this too much. I seem to remember there is some version of the OS that supports NIS and shadow passwords but I am not sure if that is 11.23 or 11.31. Since we will need to upgrade any way at some point, I want to look at enabling shadow passwords as part of, or soon after an OS upgrade. So to the questions:
1. What version of OS will get me what I want?
2. What exactly do I need to setup once I upgrade?
2 REPLIES
Johnson Punniyalingam
Honored Contributor
Solution

Re: Shadow password files with NIS

Bill Hassell
Honored Contributor

Re: Shadow password files with NIS

> Every year we get dinged for not using shadow password files.

I'm very surprised that your auditors haven't dinged you for using NIS. NIS broadcasts the encrypted password across the network, the very reason that a shadow password (or a Trusted system) is needed. As long as you use NIS, all your client systems are at risk. There is NIS+ (with encrypted data transfers) which is the last gasp for NIS but so few systems support NIS+ that it is retreating to history books. LDAP is the preferred/recommended way to distribute authentication.


Bill Hassell, sysadmin