Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.mira.net.au!news.vbc.net!knews.uk0.vbc.net!newsfeed.easynet.co.uk!easynet-uk!www.nntp.primenet.com!nntp.primenet.com!enews.sgi.com!news.mathworks.com!newsfeed.internetmci.com!news.emeraldis.com!david From: david@emeraldis.com (David G. Cannon) Newsgroups: comp.unix.bsd.bsdi.misc Subject: Re: How best to handle authentication over two machines? Date: Wed, 09 Oct 96 23:24:41 GMT Organization: Emerald Internet Services Lines: 48 Message-ID: <53hdd2$gso@jade.emeraldis.com> References: <539s3d$dfu@nntp.igs.net> NNTP-Posting-Host: david.emeraldis.com Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Newsreader: News Xpress 2.0 Beta #2 We are doing the same thing here... moving from a one server operation to a two server operation. I have checked into this same issue, and usually get the same answer when it comes to BSDI people. They recommend using rdist to keep the necessary files on both machines. They discourage NIS because of security reasons, however, the next BSDI release (v.3.0) will support NIS. I think rdist will work fine for what you are wanting to do. The problem you could possibly run into is with the BSDI and FreeBSD differences with password encryption. I remember reading a thread one time that talked about a compatability problem between the two when trying to use the same passwd files. You might want to check into it. I am also curious as to what is the best way to balance the load between two servers. We do primarily PPP dial-in. Most of our load is DNS, httpd, INN, PPP, and E-mail (sendmail & POP3). I know we need to put newsgroups on a seperate machine than most of the other stuff, but what about the rest. Would it be best to run the secondary server as a newsserver, mailserver, and secondary DNS? What would be the best arrangement to get the best performance? By the way, my questions are for anyone that can help. *David* In article <539s3d$dfu@nntp.igs.net>, pomegranite@cnwl.igs.net (Mat Trudel) wrote: > Hi all, > > I work at an ISP, and we are currently upgrading from one BSDI machine > that handles everything (everything being the usual ISP brouhaha; > modems, DNS, httpd, mail etc...) to a dual server system; the BSDI > machine handling modems, DNS and mail, and another FreeBSD machine > handling http and ftp. Anyway, my question is this: how do I best > handle the authentication of users on the new machine. (Obviously) our > users are going to have to get on the FreeBSD box to upload stuff, > debug CGI's etc..., but i'm not sure of the best way to handle this. > YP/NIS looks to me to be the best way to do this, and seeing as i'm > quite familiar with it, it would be my first choice, BUT I can't find > a BSDI version of ypserv (or any YP /NIS stuff for that matter) > anywhere. The man pages (as usual) reveal nothing. A dig around the > BSDI web site returns nothing. Does anyone know of any little known / > third party / easier way to do this that has obviously escaped me > stuff that may be of use here? Thanks in advance for anyone's help! > > Mat Trudel > IGS Cornwall > pomegranite@cnwl.igs.net >