[Gllug] Why have root passwords at all?

Tethys sta296 at astradyne.co.uk
Sun Mar 12 00:09:44 UTC 2006


Bruce Richardson writes:

>If you manage large networks, root passwords are a pain.  You have to
>change them all every time somebody leaves your team or whenever you
>think a box in the same environment (or group of boxes with the same
>root password) has been compromised.

You only need to change the root password if your sysadmin team has
the root password in the first place.

>If you are a responsible administrator you have set up a wheel group to
>restrict access to the root account and installed sudo everywhere

Exactly.

>Why not go the distance and make it entirely irrelevant?  Two options
>for this:
>
>	1.  Empty root password
>	2.  Different randomly-generated root password on each box

I went for option 2. Well, nearly. Not randomly generated, and the same
on every box. But unknown to my sysadmin team, who had access via sudo.
If one of them left, their sudo access was revoked, and that's all that
mattered. The root passwords were stored in a tamper-evident envelope in
the company safe, so that in the (hopefully unlikely) event that I was
hit by a bus, the company could still get root access directly.

For any sizeable network, I highly recommend this approach.

Tet
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
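
An added example, not part of the original post: a small offboarding check for the sudo-only model described above, reporting leavers who still hold admin rights and whether root's password is empty, locked or set. It assumes sudo is granted through membership of a `wheel` group (sudoers rules that name users directly are not covered), and the passwd, group and shadow contents are constructed samples.

```python
# Offboarding audit for a sudo-only admin model (added example).
# All file contents below are constructed samples; "wheel" is an assumed group.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001::/home/alice:/bin/bash
bob:x:1002:10::/home/bob:/bin/bash
carol:x:1003:1003::/home/carol:/bin/bash
"""
GROUP = "wheel:x:10:alice,carol\n"
SHADOW = "root:$6$constructedsalt$constructedhash:13219:0:99999:7:::\n"


def admin_group_members(passwd, group, admin_group="wheel"):
    """Users in admin_group, via its member list or via their primary GID."""
    members, gid = set(), None
    for line in group.splitlines():
        name, _pw, g, users = line.split(":")
        if name == admin_group:
            gid = g
            members.update(u for u in users.split(",") if u)
    for line in passwd.splitlines():
        fields = line.split(":")
        if gid is not None and fields[3] == gid:
            members.add(fields[0])  # primary group: not listed in /etc/group
    return members


def root_password_state(shadow):
    """Classify root's shadow password field as 'empty', 'locked' or 'set'."""
    for line in shadow.splitlines():
        user, field = line.split(":")[:2]
        if user == "root":
            if field == "":
                return "empty"
            return "locked" if field[0] in "!*" else "set"
    return "missing"


def audit(passwd, group, shadow, leavers, admin_group="wheel"):
    """Return (leavers still holding admin rights, root password state)."""
    stale = sorted(admin_group_members(passwd, group, admin_group) & set(leavers))
    return stale, root_password_state(shadow)


if __name__ == "__main__":
    print(audit(PASSWD, GROUP, SHADOW, leavers=["bob", "carol"]))
```

In the sample, bob appears only through his primary GID, which a check of the group file's member list alone would miss.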



