Local Management via su or ssh ?
mark.pitt at ch.ibm.com
mark.pitt at ch.ibm.com
Tue May 22 02:30:13 EST 2001
ssh could give us:
1/ Centrally managed keys and access
2/ No more user accounts in wheel groups lying around various systems
3/ Standard tracking with logging to a server via syslogd.
4/ Passwords managed centrally via pass phrases instead of passwords on
every machine.
As far as not using root is concerned, all for it, but I am just trying to
get some sort of control over root now. sudo etc requires a lot more
engineering, and again has to be done on a per system basis.
However, as rlogin=false is respected by ssh, I cant us it as it would open
up telnetd and rlogin once again, and the logging is weak - why cant we
have a simple one liner - I gave access using key x for user y at time ...
? "line 6" sort of messages are not exactly informative.
More information about the openssh-unix-dev
mailing list