Re: sync root passwords?
At 2002-12-04T21:57:27Z, Andrew Perrin <clists@perrin.socsci.unc.edu> writes:
> You might want to reconsider the project, frankly - why not make different
> root passwords for different machines? That would seem to be a more secure
> alternative. You can make them systematically different to save yourself
> memorizing them all, by (for example) using the second letter of the
> hostname as one of the characters of the root password or something along
> those lines.
Given the number of machines, I'd say he's in a corporate environment. In
that case, I'd much rather have one password that could be immediately
revoked if needed than 100 disparate passwords that have to be stored in a
database somewhere. At any rate, I'd absolutely positively *never*
algorithmically generate them based on the host environment. In the
one-password scenario, there's no need to. In the many-password case, it'd
be far too easy for the wrong person to get your password-generating
algorithm and then have a program to calculate every password you will ever
use from now on.
--
Kirk Strauser
In Googlis non est, ergo non est.
Reply to: