> From: Edward Ned Harvey (lopser)
>
> If users protect their ssh keys well, then just ssh keys would be great.
> Unfortunately this is not always so. So I still think it's wise for sudo to
> require password. Better yet, implement true 2-factor, where you first login
> with ssh key and before you can do anything, you are immediately presented
> with a password prompt, with controls in place to enforce complexity
> requirements and rate-limit brute force password guessing.
Oh, sorry - you said this machine is behind a VPN, and the VPN would likely become 2-factor soon. As far as I'm concerned, that means the user is already authenticated, and it's completely reasonable to just use ssh keys and no-password on sudo. It's also reasonable to allow password login on the machine and password-less sudo.

_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
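The two configurations discussed in this exchange, written out as an added example that is not part of either poster's message: variant A is the "key first, then password prompt" setup from the quoted mail, variant B is the "keys only, password-less sudo" setup the reply considers acceptable behind a 2-factor VPN. The `AuthenticationMethods` directive requires OpenSSH 6.2 or newer; the `%wheel` group name, the timeout value and the `pam_pwquality` parameters are assumed values chosen for illustration, not settings from the thread.

```conf
# /etc/ssh/sshd_config (excerpt)
# Variant A: true 2-factor at login. With AuthenticationMethods listing both
# methods, the key must succeed first and the account password is then
# required before any session or command is allowed.
PubkeyAuthentication yes
PasswordAuthentication yes
AuthenticationMethods publickey,password
PermitRootLogin no
# Rate-limit online guessing at the daemon: few tries per connection and a
# short window to complete authentication.
MaxAuthTries 3
LoginGraceTime 30

# Variant B (reply's VPN case): keys only, no password path exposed at all.
# PubkeyAuthentication yes
# PasswordAuthentication no
# AuthenticationMethods publickey

# /etc/pam.d/common-password (excerpt, Debian-style PAM stack)
# Complexity requirements for the password used in variant A; values assumed.
password requisite pam_pwquality.so retry=3 minlen=12 difok=3

# /etc/sudoers (excerpt, edit with visudo)
# Variant A: sudo asks for the password again and re-asks after 5 minutes
# of inactivity (assumed timeout).
Defaults timestamp_timeout=5
%wheel ALL=(ALL) ALL

# Variant B: password-less sudo, acceptable only because the VPN already
# authenticated the user with a second factor.
# %wheel ALL=(ALL) NOPASSWD: ALL
```

Variant A only makes sense if `PasswordAuthentication` stays enabled, since `AuthenticationMethods publickey,password` cannot be satisfied otherwise; variant B removes the password path entirely, so brute-force guessing against sshd has nothing to hit and the sudo password is the only thing the VPN's second factor is standing in for.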