llihttocs at gmail.com
Mon Mar 17 17:09:26 MDT 2008
On Mon, Mar 17, 2008 at 4:25 PM, thebigdog <bigdog at venticon.com> wrote:
> > on linux boxes that i manage i use ldap for the storage of users and
> > passwords...then i setup pam to use ldap for the authentication methods
> > i employ.
> > http://www.padl.com/OSS/pam_ldap.html
> > with pam you can use a bunch of different storage methods...for example
> > i have setup dovecot and postix to use pgsql and mysql for the users.
> > you could set that up too (unix/linux/mac boxes...not on windows).
> here are a couple other things i use as a server admin regarding logins
> and such:
> 1. i use sudo all the time for root tasks
> 2. users are setup in groups with perms (this means everyone) and groups
> configured in sudo too with various commands depending on the user/group
> 3. i use ssh keys for various servers
> 4. ip restrictions for various internal and external ports
Very sound advise. This is basic ?nix admin. Even if you are the only
person developing on a box you should never do anything as root. You should
always set up and use sudo to take care of root tasks and you should always
set up a group (even if it's just for yourself) that is not "other" and/or
owned by root. It makes the "admin" in your life much easier.
my humble $.02
> UPHPU mailing list
> UPHPU at uphpu.org
> IRC: #uphpu on irc.freenode.net
Food for thought:
An eagle may soar but a weasel will never get sucked into a jet engine.
A closed mouth gathers no foot.
Never squat with your spurs on.
More information about the UPHPU