[UPHPU] Passwords

Scott Hill llihttocs at gmail.com
Mon Mar 17 17:09:26 MDT 2008


On Mon, Mar 17, 2008 at 4:25 PM, thebigdog <bigdog at venticon.com> wrote:

> > on linux boxes that i manage i use ldap for the storage of users and
> > passwords...then i setup pam to use ldap for the authentication methods
> > i employ.
> >
> > http://www.padl.com/OSS/pam_ldap.html
> >
> http://quark.humbug.org.au/publications/ldap/system_auth/sage-au/system_auth.html
> >
> > with pam you can use a bunch of different storage methods...for example
> > i have setup dovecot and postix to use pgsql and mysql for the users.
> > you could set that up too (unix/linux/mac boxes...not on windows).
>
> here are a couple other things i use as a server admin regarding logins
> and such:
>
> 1. i use sudo all the time for root tasks
> 2. users are setup in groups with perms (this means everyone) and groups
> are
> configured in sudo too with various commands depending on the user/group
> 3. i use ssh keys for various servers
> 4. ip restrictions for various internal and external ports


Very sound advise.  This is basic ?nix admin.  Even if you are the only
person developing on a box you should never do anything as root.  You should
always set up and use sudo to take care of root tasks and you should always
set up a group (even if it's just for yourself) that is not "other" and/or
owned by root.  It makes the "admin" in your life much easier.

my humble $.02

>
>
>
> --
> ray
>
>
> _______________________________________________
>
> UPHPU mailing list
> UPHPU at uphpu.org
> http://uphpu.org/mailman/listinfo/uphpu
> IRC: #uphpu on irc.freenode.net
>



-- 
Scott Hill

Food for thought:
An eagle may soar but a weasel will never get sucked into a jet engine.
A closed mouth gathers no foot.
Never squat with your spurs on.


More information about the UPHPU mailing list