Firewalls: Re: root account and routine work

Firewalls
(August 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: root account and routine work
From:	Adam Shostack <adam @ bwh . harvard . edu>
Date:	Tue, 23 Aug 94 14:11:55 EDT
To:	roberto @ hsc . fr . net
Cc:	firewalls @ greatcircle . com
In-reply-to:	<9408231453 . AA11447 @ blaise . ibp . fr>; from "Ollivier ROBERT" at Aug 23, 94 4:53 pm

| > Shouldn't sysadmins have a "regular" account that they use most of the
| > time, and a "root" account that is only used for system administration?
| > 
| > This is true on the routers as well as clients and servers, I think.
| > 
| > Other opinions?
| 
| I do agree with you. As for becoming root, you have several ways :
| 1. have uid 0 accounts for sysadms with regular passwords,
| 2. have uid 0 accounts with calculators,
| 3. if you don't need that much security you can use S/key system
|    with the above accounts.

Why do you rate S/Key as being less secure than calculators?

Adam

References:

root account and routine work
From: roberto @ blaise . ibp . fr (Ollivier ROBERT)

Indexed By Date	Previous:	Re: conditional encryption From: sedayao @ argus . intel . com (Jeffrey C. Sedayao)
Indexed By Date	Next:	portmapper requirement From: Larry Chin <Larry_Chin @ cchtor . ca . cch . com>
Indexed By Thread	Previous:	root account and routine work From: roberto @ blaise . ibp . fr (Ollivier ROBERT)
Indexed By Thread	Next:	Firewall routers From: Jake Hill <jhill @ srd . bt . co . uk>