Hi all, My manager just came in asking questions about sudo. We use sudo here as a replacement for hacing to know root passwords - in general there are around 5 of us who need root access to the machines we maintain. we typically have just fallen back to a ALL=ALL for ourselves so we can just prepend sudo to any command we need executed as root.
Now in his mind this is removing a level of security. If someone manages to get my password, they also can gain access to root via sudo. IN an environment where I have 25+ machines, different passwords for all machines is not that workable. What are other peoples thoughts on this? Where have I gone wrong in implementation? What would be your recommendations in this case? Cheers, Stewart
