[TriLUG] Shared user account best practices

Warren Myers volcimaster at gmail.com
Thu Jul 10 12:31:38 EDT 2008


Can you use a pre-shared ssh key, and lock down the user on the remote box
(either directly, or using ldap/nis/whatever) so it can only do the tasks
you allow?

WMM

On Thu, Jul 10, 2008 at 12:22 PM, Shawn Hood <shawnlhood at gmail.com> wrote:

> All,
>
> Shared user account best practices?  Seemingly a misnomer.  :)
>
> At any rate, I was hoping to get some guidance on the following issue.
>  My organization needs user accounts to be used by scripts for
> automated tasks (e.g. deploying an application build to a server,
> logging into to check certain aspects of a system).  I've seen
> configurations where certain users are only allowed to execute a
> certain set of commands via SSH instead of actually getting a shell.
> This seems like a step in the right direction.  Any other ideas?
>
>
> --
> Shawn Hood
> 910.670.1819 m
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>



-- 

Warren Myers
http://warrenmyers.com



More information about the TriLUG mailing list