* Using NIS and shadowed passwords under IRIX 5.x and 6.x _________________________________________________________ Disclaimer: I have tested this, and it works for me. I'm not saying this is the 'right' way of doing it. I'm sure you can improve it... You will need ssh and this modified spm; you cand find them at this server: ftp://ftp.cps.unizar.es/pub/unix/security/ssh-*.tar.gz ftp://ftp.cps.unizar.es/pub/unix/security/spm-2.0-irix.tar.gz but you should check the original sites, and if there is a newer version of spm, look for the changes described in the file CHANGES of spm-2.0-irix.tar.gz. ftp://usc.edu/pub/spm http://www.cs.hut.fi/ssh/ Install them and then: * Edit smp.conf and set: set NISPostCmd = /var/yp/ypmake %B set NISPwdFile = /etc/passwd set SPMaccess = hosts= set PDaccess = id * Consider removing the default '-ypsetme' option from /etc/config/ypbind.options (see ypbind(1M)) and commenting out /usr/sbin/ypset `hostname` 2>/dev/null from /var/yp/ypmake and removing the target 'ypservers' from 'all:' in /var/yp/make.script * Edit /var/yp/make.script add a new target 'shadow' to 'all:' add this before '^# not used by SGI$' shadow.time: /etc/shadow $(TOUCH) $@ /usr/local/etc/ypshadow * And at last, make a script which copies /etc/shadow to all the clients: /usr/local/etc/ypshadow #!/bin/sh PATH=/bin export PATH rcp=/usr/local/bin/scp server= clients= shadow=/etc/shadow if [ `/usr/bsd/hostname` = $server ] then for f in $clients do $rcp -p $shadow $f:$shadow done fi Probably you'll want to replace this simple script with something rdist based; anyway, the important bit is the use of 'scp', so encrypted passwords can't be sniffed. For corrections, improvements, etc, mailto:spd@daphne.cps.unizar.es