[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: temporary root accounts and expiring them after a certain time
- From: Jim Barbour <jbarbour barcore com>
- To: brent harding <bharding greenbaynet com>
- Cc: blinux-list redhat com
- Subject: Re: temporary root accounts and expiring them after a certain time
- Date: Wed, 28 Jun 2000 23:12:37 -0700
Hi Brent,
I suggest sudo.
You can get it from ftp.cs.colorado.edu
sudo allows you to give logins root privs, without knowing the
root word. You can give them this access temporarily, you can log
what they're doing as root, you can specify certain commands each user
is allowed to execute, and much more.
Also, if you allow anyone to telnet into your Linux box, you've
already sacrificed much of your security. May I also suggest ssh2.
You can find it at http://www.ssh.com/
I hope this helps.
--
Jim Barbour ---
-----------------------------------------------------------------------------
Home pager Cel phone e-mail: jbarbour barcore com
619-297-2487 800-200-6068 619-977-6491 page: jbarbour pager
-----------------------------------------------------------------------------
*** On Wed, 28 Jun 2000 23:28:25 CDT, blinux-list redhat com wrote...
> Is it possible to make an account that can do root functions th at has a
> temporary life that it eventually expires? I know you can do expiring
> passwords, but how can you make the account disable for example after a
> week or so? For example, if I had someone install DSL or something and the
> provider uses unusual setups, and I need to give someone access to my
> computer temporarily, how would I make it so their access terminates close
> to after it's done to maintain security don't have permanent telnet access
> to the main root login? I would probably want to have backups that aren't
> close to the computer just to have something recoverable if one day I'd
> come home and not have anything on my system because someone told a friend
> a password that the friend shouldn't have access to. More accurately,
> likely, I'd not want stale privileged accounts laying on the system that
> are no longer needed for the task they were made for. What if I set the max
> days for the password to exist lower than the minimum amount to change the
> password? Will a user still be able to change the password if it's set to
> expire before they are allowed to change it?
>
>
> ---
> Send your message for blinux-list to blinux-list redhat com
> Blinux software archive at ftp://leb.net/pub/blinux
> Blinux web page at http://leb.net/blinux
> To unsubscribe send mail to blinux-list-request redhat com
> with subject line: unsubscribe
>
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]