private servers sharing common root
Mark Lane
lmlane-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Thu Jun 24 20:26:31 UTC 2010
While I would be inclined to do it that way too, it would be more
secure if you logged in as someone other than root. Correct me if I am
wrong but turning off root login in SSH is a pretty standard procedure
is it not.
On Thu, Jun 24, 2010 at 12:43 PM, Christopher Browne <cbbrowne-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
> On Thu, Jun 24, 2010 at 10:32 AM, teddy <teddy-5sHjOODPK7E at public.gmane.org> wrote:
>> To enable scripts and automation they all share a common root password.
>>
>> I have learned that the same passwords on multiple servers, especially the
>> same root
>> password is a recipe for an insane amount of work, especially if there is a
>> security
>> breach. Because ALL the servers with the common password must be considered
>> compromised.
>
> Yep, I agree that having the same root password everywhere is likely
> to be troublesome if you're particularly worried about security.
>
> I'd be inclined to have routine administration take place based on a
> "pull" model instead of the "push" model characteristic of 'logging in
> to each box.'
>
> http://www.infrastructures.org/bootstrap/pushpull.shtml
> --
> http://linuxfinances.info/info/linuxdistributions.html
> --
> The Toronto Linux Users Group. Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>
--
Mark Lane <lmlane-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list