by robertknight 4261 days ago
> The README says 'Better security now that you can have a different password for every server if you'd like'.

Can you explain a bit more about your situation? I'd expect most people managing a lot of servers to be using a single LDAP account for login plus SSH passwordless logins - or are these servers maintained by external companies?

1 comments

Two examples from my life:

For machines that I manage that are hosted by 3rd party VM providers I always use a separate root password. If the provider is compromised an attacker could modify the disk image I'm running from (say, with a modified /bin/su) and I don't want that to spread to other machines.

In the distant past when I was doing consulting I used to have passwords for multiple different clients. Obviously they need to be kept separate.