[lug] root password
efm at tummy.com
Wed Aug 2 12:55:18 MDT 2006
I've been following this discussion about passwords with some interest.
Passwords are legacy technology :)
I blogged about the alternatives to passwords:
tummy.com uses SSH keys, not passwords for remote and administrative
access. One of the most sensitive times for security is during a change
in personnel. Passwords are impossible to revoke out of someone's head,
while an SSH key is easily removed. Additionally, SSH key authentication
with ssh-agent is not vulnerable to trojaned intermediate systems.
We recommend our clients also use SSH for all remote access. Further, we
recommend that "telnet" and "rlogin" and other similar un-encrypted
access mechanisms be completely disabled. SSH is easy to set up and
maintain on Linux, and provides a small performance increase on the
transmission speed. Wherever practical, we also recommend POP and IMAP in
particular be SSL encrypted, and (to a slightly lesser extent) SMTP.
This post http://www.tummy.com/journals/entries/efm_20041212_160934
contains a description of a variety of security policies and practices to consider.
Hope this helps.
* On 2006-08-02 12:17 Rob Nagler <nagler at bivio.biz> wrote:
> Bear Giles writes:
> > root access, the "somebody reset the root password on a shared
> > machine..." approach doesn't work well in practice.
> This is our standard mode of operating. We don't use sudo. We've
> never had an external or internal security problem.
> sudo removes one level of password security, and introduces many more
> passwords that have root access. It's less secure, but more
> If you have high turnover of people who have root access, slow down
> the process of giving out the root password. We have a formal
> ceremony giving people the root password(s). This happens when we're
> very sure the person is going to stay, and s/he has the necessary
> skills and attitude to handle root access.
> Anybody who leaves our company is still under non-disclosure, and more
> importantly, they have been vetted (after our three month period) to
> not be someone who will go postal. This gives us breathing room on
> changing the root password at our convenience. Yes, there may be the
> rare situation where you need to change the root password immediately,
> but then you will also need to change a lot of other passwords, too,
> including verifying there are no hidden ssh authorized_key entries or
> other trojan horses lying around.
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
This email is: [ ] actionable [x] fyi [ ] social
Response needed: [ ] yes [x] up to you [ ] no
Time-sensitive: [ ] immediate [x] soon [ ] none
Regards, tummy.com, ltd
Evelyn Mitchell Linux Consulting since 1995
efm at tummy.com Senior System and Network Administrators
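The point above about SSH keys being revocable, and Rob's remark about checking for hidden authorized_keys entries, both come down to the same routine audit: list every key a host trusts and compare it with the keys you still expect. The script below is an added example (not tummy.com's or the list's code): it parses authorized_keys lines, including the leading options field, computes OpenSSH-style SHA256 fingerprints, and reports any entry whose fingerprint is not on an allow-list. The sample file and key blobs are constructed for the demonstration.

```python
import base64
import hashlib
import shlex

KEY_TYPES = ("ssh-ed25519", "ssh-rsa", "ecdsa-sha2-", "sk-ssh-ed25519", "sk-ecdsa-")

def fingerprint(blob_b64):
    """OpenSSH-style fingerprint: SHA256 of the decoded blob, unpadded base64."""
    digest = hashlib.sha256(base64.b64decode(blob_b64, validate=True)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Yield (line_no, options, key_type, fingerprint, comment) per key line.
    A line may start with an options field (from=, command=, no-pty, ...) whose
    quoted values can contain spaces, so tokenize with shlex and locate the
    first token that looks like a key type; malformed lines are reported too."""
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = shlex.split(line)
        idx = next((i for i, t in enumerate(tokens) if t.startswith(KEY_TYPES)), None)
        if idx is None or idx + 1 >= len(tokens):
            yield (n, None, None, None, "MALFORMED: " + raw)
            continue
        options = " ".join(tokens[:idx]) or None
        comment = " ".join(tokens[idx + 2:]) or None
        try:
            yield (n, options, tokens[idx], fingerprint(tokens[idx + 1]), comment)
        except ValueError:  # binascii.Error: blob is not valid base64
            yield (n, options, tokens[idx], None, "MALFORMED: " + raw)

def find_unexpected(text, allowed_fps):
    """Entries whose fingerprint is not on the allow-list, malformed ones included."""
    return [e for e in parse_authorized_keys(text) if e[3] not in allowed_fps]

def wire_blob(key_type, pubkey_bytes):
    """Build a base64 key blob in SSH wire format (two length-prefixed strings)."""
    s = lambda b: len(b).to_bytes(4, "big") + b
    return base64.b64encode(s(key_type.encode()) + s(pubkey_bytes)).decode()

# Constructed sample data: fake 32-byte ed25519 public keys, not real keys.
ALICE = wire_blob("ssh-ed25519", bytes(range(32)))
BOB = wire_blob("ssh-ed25519", bytes(range(32, 64)))
LEFT = wire_blob("ssh-ed25519", bytes(range(64, 96)))  # key of a departed admin
SAMPLE = (
    "# shared admin host\n"
    f"ssh-ed25519 {ALICE} alice@laptop\n"
    f'from="10.0.0.0/8",command="/usr/bin/rsync --server" ssh-ed25519 {BOB} bob@desk\n'
    f"ssh-ed25519 {LEFT}\n"  # no comment, easy to overlook by eye
    "ssh-rsa not!base64 stray\n"
)
ALLOWED = {fingerprint(ALICE), fingerprint(BOB)}

if __name__ == "__main__":
    for entry in find_unexpected(SAMPLE, ALLOWED):
        print(entry)
```

Running it flags line 4 (the departed admin's key) and line 5 (a malformed entry); a real audit would feed it every authorized_keys file on the host, including root's.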