[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shared root account

On Fri, Jul 06, 2001 at 12:15:43PM +0300, Juha J?ykk? wrote:
>   I have a bit of a situation: I have a handful of linux machines
> (almost all with different distributions and kernels and software -
> time (we all know keeping up security is a fulltime job). Obviously to
> install patches etc I, also, need root privileges.
>   This poses a problem if I am not to remember all those different
> root passwords and without making all the passwords the same! How can
> that _safely_ be accomplished? There are versions of su, sudo etc) that
> do not ask passwords, there are suid binaries but which is _THE_ way

You could also use SSH to accomplish this. Set it up so you log in with
RSA/DSA key's (and no passwords) and authenticate with your key's passphrase.
You will become root on the machine, and you'll be able to use your own
passphrase, as will the other 'root's on the machine, each his own keypair and

(Put the public key in the .authorized_keys file for the root user)
TUrn on RSA/DSA authentication and 'allow root login'

Mark Janssen                         Unix Consultant @ SyConOS IT
E-mail: maniac@markjanssen.nl              GnuPG Key Id: 357D2178
http: maniac.nl, unix-god.[net|org], markjanssen.[com|net|org|nl]

Reply to: