What are the flaws of NIS directory server?

microlinux · April 9, 2023, 9:15pm

Hi,

Our local school has been running a bone-headed centralized authentication setup using NIS and NFS since 2010 (on CentOS 5.x, 6.x, 7.x and now Rocky Linux 8.7).

NIS is very easy to setup and it’s one of the things that JustWorks™. I understand it’s been officially deprecated and is not included in RHEL 9.x.

Does someone have an informed opinion on why NIS is deprecated in terms of flaws and/or security considerations ? I bluntly admit I’ve grown to like it.

Cheers,

Niki

FrankCox · April 9, 2023, 9:50pm

https://web.mit.edu/rhel-doc/4/RH-DOCS/rhel-sg-en-4/s1-server-nis.html

NIS is rather insecure by todays standards. It has no host authentication mechanisms and passes all of its information over the network unencrypted, including password hashes. As a result, extreme care must be taken to set up a network that uses NIS. Further complicating the situation, the default configuration of NIS is inherently insecure.

Topic		Replies	Views
Nis on Rocky/RHEL 9 Rocky Linux General rocky-linux-9 , unsupported	5	1312	December 24, 2023
NIS user cannot login to RL9 client Rocky Linux General rocky-linux-9	6	337	March 23, 2024
Rocky Linux 8 NIS client issue Rocky Linux General	3	1027	August 25, 2023
Samba shares authenticated by Active Directory Rocky Linux General	23	3575	August 25, 2023
Rocky 9 AD Join & AD Authentication on Win Svr SMB Shares Rocky Linux General	4	1394	August 21, 2023

What are the flaws of NIS directory server?

Related Topics