[SLL] sharing superuser account is always bad policy, right?
Jeremy C. Reed
reed at reedmedia.net
Thu Feb 5 12:30:04 PST 2009
On Thu, 5 Feb 2009, Phil Mocek wrote:
> Is this practice typical among "Web hosting" companies who provide
> dedicated Linux servers?
It is normal practice for companies to also have superuser access for
dedicated servers.
If not, you will have to make extra effort to provide details to them
(which may be slower) or troubleshoot problems yourself.
In a past job for a company supporting 100+ dedicated servers with
over 30 customers we had a superuser (UID 0) account of our own in
addition to the customers own root. On most we used SSH keys to login as
UID 0 directly. Not very good for auditing nor control to share UID 0, but
it is very normal (as I have seen many other places also).
On a related note, some systems I use (but not setup or owned by me) have
no root password on purpose. You login with SSH key only and if you are in
the correct group, you can su to root without any extra authentication.
More information about the linux-list
mailing list