jimbodie ,
@jimbodie@mstdn.social avatar

Well f*ck me, RHEL 9 finally got rid of NIS. I think I knew this was coming but that was so far in the future, I had plenty of now problems to deal with. They are right, NIS is not at all secure for user auth. Great. I don't use NIS for that anymore. I use NIS for groups, netgroups, and automount maps, especially automount maps. I'm not worried about security for those. Might be time to finally develop a replacement to those bits of NIS and retire NIS like I've been contemplating.

thaodan ,
@thaodan@mastodon.social avatar

@jimbodie I recently watched a video of someone testing SunOS. The presenter did show NIS, it did look like magic. The SPARCstation picked up the OS from the network plus automounts and all. I figure it's hard to replace that once you get used to it.

jimbodie OP ,

@thaodan I started off in those SunOS and Solaris days when NIS was king. It is indeed quite nice, especially when one is quite used to it. It's simple and robust, if one can stay within the size limits of each map. It gets a little angry when a map grows too big. It's time to migrate to something more current, and this change in RHEL 9 is a great motivator for me.

thaodan ,

@jimbodie What would be a replacement for it? For me as a personal user with a few machines plus a directory server the whole idea about logging in on a machine and having all my data sounds great.
Only downside is cost and the internet being in between clients and servers.

jimbodie OP ,

@thaodan Look into LDAP. For me, given that we are outsourcing our user auth to the campus-wide Active Directory setup, I didn't feel a locally managed LDAP was worth it for me. For you, that might be different. I'm also looking into Red Hat Identity Management as an option. That and LDAP may be overkill for my department depending on which services we need to use. I'm still exploring my options.

thaodan ,

@jimbodie I run 389-ds on a VPS for me as an IdM for my services such as and .
I looked into FreeIPA once, but I figured that having to move to Fedora or RHEL wasn't an option, and it is in many ways overkill.
Some services that FreeIPA are very useful outside of it, such as sssd. Cockpit makes 389-ds quite easy to manage.
I plan to move my setup to however I want to figure out how to migrate my setup to some declarative.
Right now I only manage my service configs in Git.

kalpa ,
@kalpa@fosstodon.org avatar

@thaodan @jimbodie I don't know that much about it, but I know one of the folks that writes that you might find to your liking.

jimbodie OP ,

@kalpa @thaodan Thanks. I did not know that was a thing. I'll add that to the things I check out. This project is literally something that sprang out of some work I was doing this afternoon, so there has been zero work or planning done so far. It is proving to be a potentially very interesting project, so I have that going for me.

thaodan ,

@kalpa @jimbodie Kani indeed looks interesting, it does look a bit simpler and modern. However, I don't plan to deploy Docker to set up IdM.
