private servers sharing common root

Christopher Browne cbbrowne-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Thu Jun 24 16:43:32 UTC 2010


On Thu, Jun 24, 2010 at 10:32 AM, teddy <teddy-5sHjOODPK7E at public.gmane.org> wrote:
> To enable scripts and automation they all share a common root password.
>
> I have learned that the same passwords on multiple servers, especially the
> same root
> password is a recipe for an insane amount of work, especially if there is a
> security
> breach. Because ALL the servers with the common password must be considered
> compromised.

Yep, I agree that having the same root password everywhere is likely
to be troublesome if you're particularly worried about security.

I'd be inclined to have routine administration take place based on a
"pull" model instead of the "push" model characteristic of 'logging in
to each box.'

http://www.infrastructures.org/bootstrap/pushpull.shtml
-- 
http://linuxfinances.info/info/linuxdistributions.html
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list