-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 15 May 2003 at 02:31:22PM +0200, Torbjorn Pettersson wrote: > Compare this with a secure, locked down root password in a > sealed letter in a safe somewhere that only you now what it is, > but everyone know were to find in an emergency + sudo + a sane > password aging policy.
Or, assuming all the admins have gpg, encrypt the root password with everyone's key, and stick it on a common file share. If it is needed they will pull it down to their workstation and decrypt it. Likely to be more secured against local attacks than a seal envelope. - -- Phillip Hofmeister Network Administrator/Systems Engineer IP3 Inc. http://www.ip3security.com PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import - -- Excuse #222: Telecommunications is downshifting. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+xNzES3Jybf3L5MQRAmsOAJ9/AsFNdc6MrN0YW7vVHUnZ8HMHVACZAVnF nXu7Re1EAWQzPqIlHjT80Bk= =Qdem -----END PGP SIGNATURE-----
