Re: duqu

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Wed, Nov 30, 2011 at 1:01 PM, John Hinton <webmaster@xxxxxxxx> wrote:
>
 On 11/30/2011 1:55 PM, Benjamin Donnachie wrote:
>
>>> Ssh is mostly about being able to log in.
>> I've always adopted the policy of disabling root logins, making admins
>> use a separate account with public/private key authentication and then
>> requiring them to use su to elevate privileges.
>>
>> Has the advantage that your logs will tell you who logged in and
>> performed an action rather than the vague 'root'.
>>

> How would you automate daily logins from another server to do something
> like rsync the entire /etc directory to a backup system?

You can set up a passwordless sudo that is passed as part of the ssh
command.   And I agree that this is likely to be a safer approach as
long as the private key which is much like a written-down password can
be protected well enough.

-- 
   Les Mikesell
    lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux