| |
NIS/Kerberos Centralized Authentication
Kerberos provides strong authentication mechanism, but doesn't store user account data.
NIS stores user account data, such as UID, GID, home directory, and
login shell, but doesn't contain password hashes for security reasons.
Pluggable Authentication Module (PAM) is configurable for services that require authentication.
PAM obtains the TGT from KDC, caches it, and allows to login
if a user provides valid credentials.
|
|