KDC Hardware

Turbo Fredriksson turbo at bayour.com
Sat Jan 7 05:38:47 EST 2006


Quoting Jeffrey Hutzelman <jhutz at cmu.edu>:

> On Friday, January 06, 2006 12:37:51 PM +0100 Turbo Fredriksson
> <turbo at bayour.com> wrote:
>
>> Quoting Jeffrey Hutzelman <jhutz at cmu.edu>:
>>
>>> On Thursday, January 05, 2006 10:03:44 AM +0200 Amir Saad
>>> <Amir.Saad at bibalex.org> wrote:
>>>
>>>> i use Fedora 4, OpenLDAP and Kerberos instead of NIS
>>>> what is the suitable hardware configuration for the KDC to support a
>>>> network with 200 machines? thanks
>>>
>>> Whatever random piece of crap you have lying around will do just fine.
>
>> Note though the 'random piece of crap' note is true when it comes
>> to KERBEROS (that doesn't need ANYTHING regarding power/storage/speed)
>> but not LDAP... That is a lot more demanding...
>
> True.  The original question was about a KDC, not an LDAP server.

Doh, right. Sorry. He just mentioned OpenLDAP so I _assumed_ he would
be running both the LDAP _and_ the KDC on the same host. No point really
to separate them. Or?!?

Security? Nah, both need _extra ordinary security_ so it's easier to
safegard ONE machine than two (* nr of slaves of course :).

Price? Keeping the KDC at the very cheapest and the LDAP a lot more expencive
IS of course a reason, but then you have to take into account how much extra
'resources' (time mostly) to keep an extra machine safe. 
But then again, buying one cheap and one more expensive IS more expensive
than buying a 'expencive + some extra for the KDC'...



More information about the Kerberos mailing list