FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 11-29-2010, 03:13 PM
Iain Morris
 
Default directory services and root/sudo access

This is perhaps a more general security question. *For those of you with a directory services installation, do you install a generic local user with sudo access in case directory services is not available? *Or do you just beef up your directory services to the point that you are confident it will almost always be up?

I usually disable root login via ssh, but allow it from the physical console, and make an emergency generic account with sudo privs in case DS breaks down. *What I've noticed, however, is if I simulate a directory services failure, ssh logins with this generic local account take an eternity as the server still tries to auth that user against ldap/kerberos first. *I'm sure this could be adjusted in pam in some way.

I was just curious how other admins approach this, and what level of trust they place in directory services being available.

--
-- -
Iain Morris
iain.t.morris@gmail.com



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 11:35 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org