Re: Securing root password?

From: Green, Simon (Simon.Green_at_EU.ALTRIA.COM)
Date: 11/10/05

  • Next message: Green, Simon: "Migrating to AIX 5.2" 
    Date:         Thu, 10 Nov 2005 10:47:11 +0100
To: aix-l@Princeton.EDU

    As Justin said, there's no single best solution.

    A lot must depend on your particular needs. If you're on a public network
    then much more stringent precautions would be needed than for someone on a
    private network.

    For us, something like a bit of paper in a safe just wouldn't work as we
    have staff on multiple sites and also provide out-of-hours support remotely.

    We make use of Password Safe so that all the UNIX technicians can share the
    password, and it expires periodically, (every four weeks at the moment). We
    also use sudo to give root privileges to non UNIX folk when it's needed.
    (That's Database and SAP Basis people, mostly.)

    Coupled with various logs that's enough to keep our auditors happy. 

    -- 
Simon Green							
Altria ITSC Europe s.a.r.l.
AIX-L Archive at https://new-lists.princeton.edu/listserv/aix-l.html
New to AIX? http://publib-b.boulder.ibm.com/redbooks.nsf/portals/UNIX
N.B. Unsolicited email from vendors will not be appreciated.
Please post all follow-ups to the list.
-----Original Message-----
From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU] On Behalf Of AIX
Geek
Sent: 09 November 2005 16:06
To: aix-l@Princeton.EDU
Subject: Securing root password?
Do you all have a "best practice" for "securing" the
root account?
<SNIP>
  • Next message: Green, Simon: "Migrating to AIX 5.2"