[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NIS problems between OpenBSD/i386 3.1 server and RedHat/i386 7.3 clients

To: misc@openbsd.org
Subject: NIS problems between OpenBSD/i386 3.1 server and RedHat/i386 7.3 clients
From: Matthew Haas <wedge@lightlink.com>
Date: Tue, 17 Sep 2002 23:34:01 -0400 (EDT)

Hello,

 I am trying to set up an NIS server in an academic environment and have
encountered some interoperability problems. I set out to use NIS to prove
to myself I could do it, and would like to see it through.

 The various security issues are not a concern, the lab is segregated from
the main network and firewalled suitably. I am merely looking to get this
setup working.

 As I said, the NIS server is being setup on an OpenBSD/i386 3.1 machine.
We've started ypserv (initialized it as a master server using ypinit -m),
and an rpcinfo -p shows the proper services running. We've done the make
in the /var/yp directory to build the maps, setup /etc/yp.conf,
/etc/nsswitch.conf, and have the server logging to /var/yp/ypserv.log (and
we have /var/yp/securenet in place with relaxed settings allowing any
machine on our segregated network to access it).

 On the RedHat/i386 7.3 boxes, we configured them as clients. An:

	rpcinfo -u $NIS_server ypserv

 reveals that communications have been established.

 In fact, doing a:

	ypcat passwd

 on the client will display the passwd file from the server, so the
information is being transmitted.

 The problem we first experienced was a password mismatch. We started
yppasswdd on the NIS server.

 However, whatever password we tried would not allow a login on the
client. We ended up pasting a RedHat generated password into the field in
/etc/master.passwd and got a successful login.

 So we suspect that the encryption routines are incompatible between
RedHat and OpenBSD (I think I read OpenBSD uses Blowfish). Plus the fact
that RedHat uses PAM and whatever else.

 A good question that comes to mind: Has anyone attempted NIS between such
a setup? Any recommendations as to the password issue? Do we need to setup
PAM on the server and use a module?

 Any recommendations would be highly appreciated. Like I said, both
clients and server seem to be communicating, just something isn't clicking
on the client side.

 The other mystery we encountered was an apparently inability to even get
that far when using an OpenBSD machine as a client... which seems even
more odd... went through the same procedure as the RedHat boxes and can
see the maps... but they are not being applied to the system.

 It evidently is receiving the passwd map, but it is not adding those
users to the system as valid users.

 Any pointers would be greatly appreciated. I can also post some
configuration files if need be.

 Thanks in advance.

---
 Matthew Haas           Squirrel's Law #209203923: "Thou shalt ignoreth
 Corning/Geneseo, NY       all RAM specifications, they're noo scottish"

Follow-Ups:
- Re: NIS problems between OpenBSD/i386 3.1 server and RedHat/i386 7.3 clients
  - From: Andrew Pinski <pinskia@physics.uc.edu>

Prev by Date: Re: impact of no /tmp
Next by Date: Re: impact of no /tmp
Prev by thread: Re: /etc/rc terminates abnormally
Next by thread: Re: NIS problems between OpenBSD/i386 3.1 server and RedHat/i386 7.3 clients
Index(es):
- Date
- Thread