
Re: shared root account



At 994696370s since epoch (07/09/01 04:32:50 -0400 UTC), Juha Jäykkä wrote:
> One question arises, however: If I have multiple uid=0 accounts,
> will any of their passwords suffice as "root" password when entering
> single user mode? Obviously sudo will not do here, so I will need a
> root password, period.

Our solution to this (multiple admins on a single box) was to write
the root password (some horribly cryptic thing) down on a piece of
paper and put it in a sealed envelope, which we then stuck to the
machine.  The machine was locked in the server room, so the only
people who could get to the root password (and the console) were the
people with keys.  If you needed to boot to single-user, you'd rip
open the envelope and use the password.  When you were done, you'd
change the password, write it down on a new piece of paper, and seal
it in an envelope.

The rest of the time, all admins used sudo.  Nobody ever "knew" the
root password.

> The other users will have to make do with either
> sudo or multiple uid=0 accounts. Multiple uid=0 accounts sounds better
> in that it does not elevate ordinary passwords into root passwords (of
> course, in practice people may keep them the same - can that be
> helped?) but on the other hand, sudo would log...

Just a reminder, you can configure sudo to use a different password
from the regular user account (through PAM).  That alternate password
could be checked to ensure that it was strong and didn't match the
user's password if you really wanted.

Jason

--
Jason Healy    |     jhealy@logn.net
LogN Systems   |   http://www.logn.net/


