[Gllug] managing ssh access for many servers
Andy Millar
andy at andymillar.co.uk
Thu Feb 25 11:48:11 UTC 2010
On Thu, 2010-02-25 at 11:36 +0000, Oliver Howe wrote:
> I would be very interested to hear how other people in large
> environments have their servers/keys admin access managed and opinions
> on the best way
> to do this.
Oliver,
Using LDAP for authentication across all servers will solve most of your
problems. You can then enable/disable accounts centrally for each
individual sysadmin and they can then use sudo.
That way, no sysadmins should ever login as root (this is *BAD*) and all
have the access they need. This also makes auditing who does what far
easier.
I personally also deploy my home directory to all our servers as a RPM.
This makes sure my public key and various .(.*)rc files are in place.
Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20100225/7b20cc5e/attachment.html>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list