Kyle McDonald wrote: > Darren J Moffat wrote: >> Roland Mainz wrote: >> >>> Hi! >>> >>> ---- >>> >>> Would be there any (technical) objections to modify "useradd" to add >>> entries to /etc/publickey by default (and assign a default host key for >>> the machines, too) ? >>> The idea is to get SecureRPC working by default on a plain Solaris >>> installation to allow users to use X11's SUN-DES-1 authentification >>> scheme instead of MIT-MAGIC-COOKIE-1 stuff (e.g. use $ xhost +username@ >>> # instead of shuffeling cookies around which should be much more >>> user-friendly) and/or use SecureRPC for NFS... >>> >> Sounds like a great idea to me. >> >> > So is this just the 'local files' version of what I'd already have if I > was storing my userinfo in NIS+?
Correct, with the exception that Nico already pointed out that it is only the DES creds and not the extended dh192-o and dh640-0 those are only supported in NIS+ > (and this is doable in NIS now too right?) Correct but NIS is so insecure anyway so it doesn't buy you much, the fix for the NIS insecurity was NIS+. -- Darren J Moffat
