<br><br><div class="gmail_quote">On Mon, Apr 30, 2012 at 10:59 AM, Mike Miller <span dir="ltr"><<a href="mailto:mbmiller+l@gmail.com" target="_blank">mbmiller+l@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Mon, 30 Apr 2012, Robert Nesius wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Mon, Apr 30, 2012 at 9:58 AM, Mike Miller <<a href="mailto:mbmiller%2Bl@gmail.com" target="_blank">mbmiller+l@gmail.com</a>> wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I get your idea -- anyone connecting using the keys wouldn't be able to use sudo unless he knew the sudo password. That's good, but can't that also be accomplished by having a sudo password that is different from the user password? (Which is what I was asking about above.) I have a different user password on every machine I log into, and I could easily also have a different sudo password, too.<br>
</blockquote>
<br>
<br>
I've never seen the sudo password different from the user's system password. I did some google searches and saw one mechanism for doing it, which I found interesting. Are you directing sudo to target another user to facilitate authentications? Doesn't that mean everyone using sudo on the system is using the same account for authentication? I'm curious to know more about what you're doing here.<br>
</blockquote>
<br>
I haven't done it. I just thought it was possible to have a different sudo password than user password, just like one may have a different root password than user password. I don't know what the possibilities are -- for example, can every user with sudo permissions have a different sudo password that is also different from their user password? I don't know.<br>
</blockquote><div><br></div><div>With sudo, the user is proving to sudo that the user is the user, and is doing it by using the user's password. If you configure sudo to use PAM, this can be extra slick in large environments where you're sourcing identity from single-sign-on sources (ldap, AD, etc..). Then sudo doesn't have to know anything about how you're sourcing identity and performing auths - it just asks PAM to authenticate you and the magic happens. </div>
<div><br></div><div>I did see a way to tell sudo to use a "target account". Which is to say when User X wants to escalate privs, authenticate against User Y. It wasn't clear to me if all users would effectively have to know that target password. </div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On systems where I can sudo to get root permissions, I am always the only one who may do so, so I haven't looked into what happens with multiple sudo'ing users.<br>
</blockquote><div><br></div><div>I've had to deal with large sudoers files before. Not fun. Not sure I'd want to add maintaining a whole new auth system with it too. </div><div><br></div><div>-Rob </div><div><br>
</div><div> </div></div>
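<div>Added editorial example (not from any poster in this thread): the three sudoers knobs that change whose password sudo asks for, next to a PAM stack for sudo. The <code>Defaults</code> keywords and their meaning are from the sudoers manual; the PAM lines are an illustration and assume a PAM-built sudo (check with <code>sudo -V</code> as root, which lists the authentication methods) and, for the last variant, that the optional <code>pam_pwdfile</code> module is installed. The file paths and the hypothetical <code>/etc/sudo-passwd</code> are assumptions, not a quoted configuration.</div>

```conf
# /etc/sudoers (edit with visudo)
#
# Default behaviour: sudo asks the invoking user for the invoking user's
# own password, then runs the command as root.  Nothing extra needed:
%wheel  ALL=(ALL:ALL) ALL

# Variant 1: ask for root's password instead of the caller's.
# Everyone in %wheel must then know the single root password.
# Defaults rootpw

# Variant 2: ask for the password of the account named with -u
# (root when -u is omitted).  This is the "target account" option
# discussed above; "sudo -u postgres ..." prompts for postgres' password.
# Defaults targetpw

# Variant 3: ask for the password of the runas_default user.
# Defaults runaspw
# Defaults runas_default=ops

# /etc/pam.d/sudo
#
# sudo does not store passwords itself; whichever of the options above
# is active, the actual check is delegated to this PAM stack.  A typical
# stack consults local accounts first and then a directory (LDAP/AD via
# sssd), which is how one sudoers file can serve a whole fleet:
auth    required    pam_env.so
auth    sufficient  pam_unix.so
auth    sufficient  pam_sss.so  use_first_pass
auth    required    pam_deny.so
account include     system-auth
session include     system-auth

# Per-user sudo password that is NOT the login password (assumption:
# libpam-pwdfile installed).  Replace the auth lines above with a
# separate crypt(3)-style password file, so each sudoer has a sudo
# password that is independent of both the login and root passwords:
# auth    required    pam_pwdfile.so  pwdfile=/etc/sudo-passwd
# auth    required    pam_deny.so
```

<div>Only one of <code>rootpw</code>, <code>targetpw</code> and <code>runaspw</code> is normally set; with <code>targetpw</code> a user who may run commands as several accounts needs each target's password, which is the sharing problem raised above. The <code>pam_pwdfile</code> variant avoids that by keying the password file on the invoking user, but it is one more credential store to keep in sync with <code>/etc/sudoers</code>.</div>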