Initializing a Client by Host Name
Initializing a client by host name consists of explicitly identifying the IP address of its trusted server. This server's name, location information, and public keys are then placed in the client's cold-start file.
This method is more secure than the broadcast method because it actually specifies the IP address of the trusted server, rather than relying on a server to identify itself. However, if a router exists between the client and the trusted server, it could intercept messages to the trusted IP address and route them to an untrusted server.
Security Considerations
You must perform this operation as superuser on the client.
Prerequisites
-
The NIS+ service must be running in the client's domain.
-
The client must have an entry in its /etc/hosts file for the trusted server.
-
The client must use the same Diffie-Hellman key lengths as those on the master server. See nisauthconf(1M).
Information You Need
You need the name and IP address of the trusted server.
Initializing an NIS+ Client--Task Map
Table 6-4 Initializing an NIS+ Client|
Task |
Description |
For Instructions, Go To |
|||||
|---|---|---|---|---|---|---|---|
|
Initializing a Client by Host Name |
Use nisinit command to initialize an NIS+ client by host name. | ||||||
How to Initialize a Client--Host-name Method
-
Check the client's /etc/hosts file.
Make sure the client has an entry for the trusted server.
-
Initialize the client.
This step initializes the client and creates a NIS_COLD_START file in its /var/nis directory. Use the nisinit command with the -c and -H options. This example uses rootmaster as the trusted server.
Client1# nisinit -c -H rootmaster This machine is in the doc.com. NIS+ domain. Setting up NIS+ client ... All done.
The nisinit utility looks for the server's address in the client's /etc/hosts file, so do not append a domain name to the server. If you do, the utility will not be able to find its address.
- © 2010, Oracle Corporation and/or its affiliates