private servers sharing common root

Andrew Heagle andrew-vUgxaBqSMS7QT0dZR+AlfA at public.gmane.org
Tue Jun 29 05:38:29 UTC 2010


On June 24, 2010 10:32:49 am you wrote:
> See a setup where they are building a lot of new servers.
> To enable scripts and automation they all share a common root password.
> 
> I have learned that the same passwords on multiple servers, especially
> the same root
> password is a recipe for an insane amount of work, especially if there
> is a security
> breach. Because ALL the servers with the common password must be
> considered compromised.
> 
> Now in this instance, these are private servers, not available to the
> outside public.
> They are relatively safe and secure. Nevertheless, if a security breach
> does occur
> they are all considered compromised.
> 
> Can a bash script that sets up a common root password, somehow operate
> on servers
> with different root passwds?
> 
> (Sorry if it sounds confusing. I am confused too at this time)
> Perhaps in a few days I can repost with a clearer picture :)
> 
> /teddy

If you are not interested in configuring and deploying something like Puppet or 
CFEngine for managing your system, I think you might be looking for a tool 
like ControlTier (http://controltier.org/wiki/Main_Page) or Func 
(https://fedorahosted.org/func/)

Regards,
Andrew
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list