Re: [expert] managing numerous passwords
On Wed, 26 Jan 2000, Harondel J. Sibble wrote:

> Now presently, I keep all my passwords in a pgp encrypted file on one of my boxes (backed up to tape and another box) and am curious what methods people use to keep the password list from growing out of hand. Also especially when you are admining/maintaining a network of co-located machines. Do you use say a few passwords that are randomly distributed between machines, a different password for each machine, or what?

Although I can't claim to know a great deal about it, the usual solution in cases like this is to designate one of your machines as an NIS server - all the user info (including passwords) is then held on the one machine and the rest of the network refers to that server for authentication information.

That, I'm afraid, is about the sum total of my knowledge of NIS :-( I got a copy of "Redhat 6 Unleashed" for Christmas, but I haven't got to the chapter on NIS yet..

--
Phil Edwards, Technical Specialist
Travellog Systems            Phone +44 (0)1444 459016
The Priory, Haywards Heath   Fax +44 (0)1444 456655
West Sussex, RH16 3LB        mailto:[EMAIL PROTECTED]
United Kingdom               http://www.travellog.co.uk
Re: [expert] managing numerous passwords
Harondel J. Sibble wrote:

> (curious) what methods people use to keep the password list from growing out of hand. Also especially when you are admining/maintaining a network of co-located machines. Do you use say a few passwords that are randomly distributed between machines, a different password for each machine, or what?

Phil Edwards replied:

> Although I can't claim to know a great deal about it, the usual solution in cases like this is to designate one of your machines as an NIS server

I think the low-tech method is best. Get too fancy, NIS, rsync and other stuff, and if something breaks, it all falls down like a string of dominoes.

I think that passwords should be kept in one of three places: your head, a 3x5 card in the safe, or a laminated card in your wallet.

It also helps if YOUR non-root accounts, regardless of the username, have the same password. You may wish to have the root passwords all the same, or follow some scheme that is obvious only to you. However, all this is moot if you have a wallet-size card.

--
Ramon Gandia, Sysadmin, Nook Net
http://www.nook.net      [EMAIL PROTECTED]
285 West First Avenue    tel. 907-443-7575
P.O. Box 970             fax. 907-443-2487
Nome, Alaska 99762-0970  Alaska Toll Free. 888-443-7525
Re: [expert] managing numerous passwords
On Wed, 26 Jan 2000, you wrote:

> Harondel J. Sibble wrote:
>
> > (curious) what methods people use to keep the password list from growing out of hand. Also especially when you are admining/maintaining a network of co-located machines. Do you use say a few passwords that are randomly distributed between machines, a different password for each machine, or what?
>
> Phil Edwards replied:
>
> > Although I can't claim to know a great deal about it, the usual solution in cases like this is to designate one of your machines as an NIS server
>
> I think the low-tech method is best. Get too fancy, NIS, rsync and other stuff, and if something breaks, it all falls down like a string of dominoes.
>
> I think that passwords should be kept in one of three places: your head, a 3x5 card in the safe, or a laminated card in your wallet.
>
> It also helps if YOUR non-root accounts, regardless of the username, have the same password. You may wish to have the root passwords all the same, or follow some scheme that is obvious only to you. However, all this is moot if you have a wallet-size card.

What really helps is if you use a small number of passwords for all machines (one to three) using SSH... and limit allowed ssh connections to a few specific machines. :-) Then, you really only need to know a couple or three passwords. :-)

John
[expert] managing numerous passwords
Okay, most of us know how important good passwords are as a first line to keeping the system secure, but what happens when one has multiple systems they maintain and each system has multiple passwords? Now the list of passwords one has to remember rapidly gets out of hand.

A few months back when PC Magazine had their hack the website contest (they had NT, Linux and Mac web servers up), they mentioned in closing that the amount of passwords they had to maintain was completely unwieldy and they eventually set up a laptop with all the passwords, knowing that if the laptop walked away, the game was up.

Now presently, I keep all my passwords in a pgp encrypted file on one of my boxes (backed up to tape and another box) and am curious what methods people use to keep the password list from growing out of hand. Also especially when you are admining/maintaining a network of co-located machines. Do you use say a few passwords that are randomly distributed between machines, a different password for each machine, or what?

TIA

Harondel J. Sibble
Sibble Computer Consulting
Creating solutions for the small business and home computer user.
[EMAIL PROTECTED] (pgp enabled)
http://www.pdscc.com
(604) 739-3709 (voice/fax)
(604) 686-2253 (pager)