Hi.
On Tue, Aug 04, 2020 at 04:20:58PM -0400, Dan Ritter wrote:
> Reco wrote:
> > On Tue, Aug 04, 2020 at 09:47:24AM +0200, Marco M?ller wrote:
> > > Is it possible (how?) to restrict a user to only be allowed to make use
> > > of its sudo usage permission if working at the physical cons
Reco wrote:
> Hi.
>
> On Tue, Aug 04, 2020 at 09:47:24AM +0200, Marco M?ller wrote:
> > Is it possible (how?) to restrict a user to only be allowed to make use of
> > its sudo usage permission if working at the physical console, not granting
> > to this
> > user sudo permission when i.e.
Hi.
On Tue, Aug 04, 2020 at 09:47:24AM +0200, Marco Möller wrote:
> Is it possible (how?) to restrict a user to only be allowed to make use of
> its sudo usage permission if working at the physical console, not granting to
> this
> user sudo permission when i.e. logged in via ssh? To kee
On Tue, Aug 04, 2020 at 10:24:16AM -0500, John Hasler wrote:
> tomas writes:
> > OTOH practice has shown: if you're doing sudo, you will have forgotten
> > your root password anyway when you need it (I have, it's some horrible
> > "pwgen -n 16" or something), and it' back to...
>
> It should be wr
Hi Marco,
On Tue, Aug 04, 2020 at 09:47:24AM +0200, Marco Möller wrote:
> Is it possible (how?) to restrict a user to only be allowed to make use of
> its sudo usage permission if working at the physical console, not granting
> to this user sudo permission when i.e. logged in via ssh?
I was intri
tomas writes:
> OTOH practice has shown: if you're doing sudo, you will have forgotten
> your root password anyway when you need it (I have, it's some horrible
> "pwgen -n 16" or something), and it' back to...
It should be written down somewhere secure. Depending on your threat
model this can be
On Tue, Aug 04, 2020 at 04:09:30PM +0200, Marco Möller wrote:
The idea of Tomas to look in /etc/sudoers.conf for something like
'requiretty' sounds promising. I will need a couple of days to read
and learn about this and then testing it.
That won't work. Anything that's based on identifying a
On 04.08.20 15:50, Henning Follmann wrote:
On Tue, Aug 04, 2020 at 11:44:04AM +0200, Marco Möller wrote:
On 04.08.20 10:59, to...@tuxteam.de wrote:
On Tue, Aug 04, 2020 at 09:47:24AM +0200, Marco Möller wrote:
Is it possible (how?) to restrict a user to only be allowed to make
use of its sudo
On Tue, Aug 04, 2020 at 11:44:04AM +0200, Marco Möller wrote:
> On 04.08.20 10:59, to...@tuxteam.de wrote:
> > On Tue, Aug 04, 2020 at 09:47:24AM +0200, Marco Möller wrote:
> > > Is it possible (how?) to restrict a user to only be allowed to make
> > > use of its sudo usage permission if working at
On Tue, Aug 04, 2020 at 07:39:53AM -0400, Greg Wooledge wrote:
> On Tue, Aug 04, 2020 at 11:44:04AM +0200, Marco Möller wrote:
> > As my root account is disabled, I do all administration as the "normal" user
> > with the help of sudo for running administrative commands. The user "root"
> > shall no
On 04.08.20 13:39, Greg Wooledge wrote:
On Tue, Aug 04, 2020 at 11:44:04AM +0200, Marco Möller wrote:
As my root account is disabled, I do all administration as the "normal" user
with the help of sudo for running administrative commands. The user "root"
shall not login nowhere, not at the physic
On Tue, Aug 04, 2020 at 11:44:04AM +0200, Marco Möller wrote:
> As my root account is disabled, I do all administration as the "normal" user
> with the help of sudo for running administrative commands. The user "root"
> shall not login nowhere, not at the physical console and not by ssh, never.
Re
On Tue, Aug 04, 2020 at 11:44:04AM +0200, Marco Möller wrote:
> On 04.08.20 10:59, to...@tuxteam.de wrote:
[pam sshd]
> Sorry, I will not have been clear enough, or did not understand your
> answer clearly, ssh and pam are both new to me, and I also never
> configured sudo myself.
Ah, got it. Th
On 04.08.20 10:59, to...@tuxteam.de wrote:
On Tue, Aug 04, 2020 at 09:47:24AM +0200, Marco Möller wrote:
Is it possible (how?) to restrict a user to only be allowed to make
use of its sudo usage permission if working at the physical console,
See pam_securetty(8) for that. Sorry I can't give yo
On 04.08.20 10:38, Keith bainbridge wrote:
On 4/8/20 5:47 pm, Marco Möller wrote:
I have the root account already deactivated, and am using in principal
only one main user who also has the sudo permissions for being able to
do all the system administration, exactly as Debian was setting this
u
On Tue, Aug 04, 2020 at 09:47:24AM +0200, Marco Möller wrote:
> Is it possible (how?) to restrict a user to only be allowed to make
> use of its sudo usage permission if working at the physical console,
See pam_securetty(8) for that. Sorry I can't give you some step-by-step
account.
> not grantin
On 4/8/20 5:47 pm, Marco Möller wrote:
I have the root account already deactivated, and am using in principal
only one main user who also has the sudo permissions for being able to
do all the system administration, exactly as Debian was setting this up
automatically during the system installati
Is it possible (how?) to restrict a user to only be allowed to make use
of its sudo usage permission if working at the physical console, not
granting to this user sudo permission when i.e. logged in via ssh? To
keep it simple, I could imagine to even have all sudo for all users
deactivated auto
18 matches
Mail list logo