[SunHELP] Root Password management - How do you do it?
Thomas Cameron
sunhelp at sunhelp.org
Wed Sep 26 16:58:27 CDT 2001
Sounds like you may want to take a hard look at sudo. Solves these
problems AND provides a decent paper trail.
----------------------- Thomas D. Cameron -----------------------
Red Hat Certified Engineer ------ TurboLinux Certified Instructor
--------------- Novell Certified NetWare Engineer ---------------
Microsoft Certified Systems Engineer -- Microsoft Certified Trainer
-------------------------------------------------------------------
-----Original Message-----
From: sunhelp-admin at sunhelp.org [mailto:sunhelp-admin at sunhelp.org] On
Behalf Of Andrew Vendryes
Sent: Wednesday, September 26, 2001 12:58 PM
To: sunhelp at sunhelp.org
Subject: [SunHELP] Root Password management - How do you do it?
Hello,
I have a question for those of you who manage from ten to fifty Solaris
boxen.
What procedures/systems do you use for managing the root passwords?
I have searched SANS <http://www.sans.org> and CERT
<http://www.cert.org/> but they are offering the usual stuff on how to
select a password and not much in the way I want.
I am hoping that some of you can point me to a source for generally
accepted practises or, what you would like to do, or what you do
yourself :
"One person has password for foo, and it is written down, sealed in an
envelope and locked in the safe for which only the Manager has the
combination"
I am also interested in hearing about drawbacks such as:
"The BOFH went on vacation at the same time as PHB.
The PFY encountered a situation where he needed the root password for
foo. Nothing was done because neither the BOFH nor the PHB had left
instructions with the PFY on how to be reached.
The PHB returned before the BOFH but could not remember the combination
for the safe and so ... "
Of course some of you may pefer to respond outside the list on this one
:)
Regards,
--
Andrew Vendryes -- sunh at vendryes.com
_______________________________________________
SunHELP maillist - SunHELP at sunhelp.org
http://www.sunhelp.org/mailman/listinfo/sunhelp
More information about the SunHELP
mailing list