Re: Password Change Management

["Michel Pereira" <michel () michel eti br>]

   And why not an centralized authentication services like Active
Directory (Windows) or LDAP (Linux)?
   It's very easy to remove (block, change password) the user and he
can't login anywhere.

bye

On 3/1/06, Jakub Zvěřina <barbucha () gmail com> wrote:
> IMO, the best solution of this is that admin has his own account and
> he would manage server via sudo. When he's off, just remove him from
> sudoers. I do not see anything bad about this, do you? Since you can
> excactly specify what he can do and where, I think, there is no
> better way to manage this.
>
> Other way could be let the admins authenticate themselves by public
> DSA(or RSA) key. It is also easy to remove him from ~/.ssh/
> authorized_keys. Changing of passwords is too expensive to do it
> always someone is "leaving the ship".
>
> -jz

--
Só Jesus salva,o homem faz backups.
http://www.michel.eti.br