The difference between nscd and sssd
Quite confused over the difference between Linux Name Service Caching Daemon (NSCD) and System Security Service Daemon (SSSD). As far as I understand, both are used to cache authentication lookup information on the local machine, and still it seems both can be used on the same machine.
What are the differences between the two, and in which cases should I use both ?
nscd is a daemon that provides a cache for the most common name service requests like passwd, group, hosts, service and netgroup.
sssd primarily provides daemons to manage access to remote directories and authentication mechanisms like LDAP, Kerberos, NIS, etc…so it is more about authentication and authorization. It does have its own caching mechanism e.g. for users and groups but there are some more. Consult the manpage of
sssd.conf for further details.
As in the linked article explained,
nscd should not be used at the same time as it can result in unexpected lookups. If you need
nscd e.g. for caching hosts entry, which
sssd does not cache, it is recommended to configure
nscd only for hosts and rely on user, group, etc. caching on
I think the cases you need to run both services are very rare, since the hosts caching is the only entry that
sssd does not cache.