Re: shared root account

To: Juha J?ykk? <juolja@utu.fi>
Cc: debian-security@lists.debian.org
Subject: Re: shared root account
From: Mark Janssen <maniac@markjanssen.homeip.net>
Date: Fri, 6 Jul 2001 11:35:16 +0200
Message-id: <[🔎] 20010706113516.B15496@markjanssen.homeip.net>
In-reply-to: <[🔎] Pine.SOL.4.30.0107061201070.20802-100000@alya.utu.fi>

On Fri, Jul 06, 2001 at 12:15:43PM +0300, Juha J?ykk? wrote:
>   I have a bit of a situation: I have a handful of linux machines
> (almost all with different distributions and kernels and software -
..
> time (we all know keeping up security is a fulltime job). Obviously to
> install patches etc I, also, need root privileges.
>   This poses a problem if I am not to remember all those different
> root passwords and without making all the passwords the same! How can
> that _safely_ be accomplished? There are versions of su, sudo etc) that
> do not ask passwords, there are suid binaries but which is _THE_ way

You could also use SSH to accomplish this. Set it up so you log in with
RSA/DSA key's (and no passwords) and authenticate with your key's passphrase.
You will become root on the machine, and you'll be able to use your own
passphrase, as will the other 'root's on the machine, each his own keypair and
passphrase

(Put the public key in the .authorized_keys file for the root user)
TUrn on RSA/DSA authentication and 'allow root login'

Mark Janssen                         Unix Consultant @ SyConOS IT
E-mail: maniac@markjanssen.nl              GnuPG Key Id: 357D2178
http: maniac.nl, unix-god.[net|org], markjanssen.[com|net|org|nl]

Reply to:

Follow-Ups:
- Re: shared root account
  - From: Just a friendly Jedi Knight <jedi@plukwa.net>

References:
- shared root account
  - From: Juha Jäykkä <juolja@utu.fi>

Prev by Date: Re: shared root account
Next by Date: Re: shared root account
Previous by thread: Re: shared root account
Next by thread: Re: shared root account
Index(es):
- Date
- Thread