Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!newshost.telstra.net!act.news.telstra.net!vic.news.telstra.net!news.mira.net.au!harbinger.cc.monash.edu.au!news.bhp.com.au!mel.dit.csiro.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.ysu.edu!usenet.ins.cwru.edu!agate!howland.reston.ans.net!sol.ctr.columbia.edu!sirius.ctr.columbia.edu!wpaul
From: wpaul@ctr.columbia.edu (Bill Paul)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: Passwd from SunOS NIS on FreeBSD 2.1.0
Date: 31 Mar 1996 18:55:36 GMT
Organization: Columbia University Center for Telecommunications Research
Lines: 45
Message-ID: <4jmkf9$nga@sol.ctr.columbia.edu>
References: <4jkd93$1mb@crl5.crl.com>
NNTP-Posting-Host: sirius.ctr.columbia.edu
X-Newsreader: TIN [version 1.2 PL2]
Daring to challenge the will of the almighty Leviam00se, Bradley Yearwood
(bny@crl.com) had the courage to say:
: I seem to be having some difficulty getting FreeBSD 2.1.0 to accept
: passwd from a SunOS (4.1.4) server. The FreeBSD machine appears to
: take at least the home directory from NIS, but refuses to login with
: the password as set in the NIS map.
: Am I missing something?
: Brad Yearwood bny@crl.com
Yes, you are almost certainly missing something. Like the DES crypt()
distribution for FreeBSD. :)
FreeBSD uses an MD5-based crypt() function out of the box (or rather,
off the CD) since export restrictions prevent Walnut Creek from
shipping FreeBSD CDs out of the country with DES software on them (this
includes the DES crypt() function). If you want DES encrypted passwords,
you have to download the des.aa archive from a FreeBSD archive site
and install it. (If you're outside the US, do not use a US archive
site.)
Obviously, if you're using the MD5 crypt(), there's no way the DES
crypt()ed passwords from the SunOS NIS server will work correctly.
Both the NIS client and server have to use the same crypt() function
in order to use the same passwords.
Second, check the +::::::::: line you put in /etc/master.passwd to
enable NIS logins. Read the passwd(5) man page carefully: you can
_NOT_ put a * in the password field (+:*::::::::) like you can in
SunOS. If you do this, you will be disabling all NIS passwords.
Don't put 0's in the UID and GID fields either. The passwd(5)
man page warns quite strenously against doing this.
-Bill
--
=============================================================================
-Bill Paul (212) 854-6020 | System Manager, Master of Unix-Fu
Work: wpaul@ctr.columbia.edu | Center for Telecommunications Research
Home: wpaul@skynet.ctr.columbia.edu | Columbia University, New York City
=============================================================================
"If you are in trouble, go the CTR. Ask for Bill. He will help you."
=============================================================================