>> [Gatorboxes...no user password...tell you the NIS domainname] > Maybe a good reason to join the crowd and not run NIS? I wish. It's clear to me that NIS is a big problem. But what else is out there? We have a definite need to share passwd databases across many machines, from multiple vendors, none of which we have source code to. How close to a solution can we get? Would it work to simply find/write replacements for login and passwd that use something less hopelessly insecure, and then, for the benefit of the numerous vendor binaries that expect to use getpw*(), provide a small stupid interface that looks like an NIS server but gets its data from the real database (and doesn't hand out even hashed passwords to clients who cannot be verified as privileged)? Or do login and passwd do too much undocumented vendor-specific stuff? (I'd also _really_ like to change the password hashing algorithm. The traditional tweaked-DES one just isn't strong enough for comfort any longer. And if login and passwd are being replaced....) der Mouse mouse@collatz.mcrcim.mcgill.edu