On Mon, 25 Jun 2012, Michael C Tiernan wrote:
> ----- Original Message -----
> From: [email protected]
> > auditing release of the password (who got the password when, and who
> > approved it)
> One of the things that I never hear discussed during conversations like
> this is how exceptions are handled. Some of the exceptions I'd want to
> hear discussed include:
> How business continuity is maintained across catastrophic events.
> How, when everything else has hit the fan, can "I", a "trusted admin"
> working in the data center, get access into our systems where even the
> networking is down? There are times that, in preparation for bringing up the
> data center from a dead stop, I need to log into some systems and run
> fscks (or other such tasks) before everything else is live.
With the systems I have used, the answer is a qualified "yes".
If you can get to one of the management systems in any way (and these can
be replicated, including across the country), you can retrieve the
password and then use it.
These systems change the actual password and record what they changed it
to, they aren't a shim layer in authentication that must reach across the
network (which is also a useful tool to have, but it solves a different
problem). As such the password can be used at a serial console booting
into single-user mode.
It's a qualified yes, because you need to get at one copy of the master
system. This could be at a local console, or via a laptop with a crossover
cable if everything else fails.
> Can I, after getting the root password of a system in an emergency, flag
> a password as "exposed" but not "compromised", requiring the password to
> be changed and re-synced at the next possible opportunity when "normal"
> operation has been restored?
All of the systems I am aware of let you force a password change; the
Hitachi-ID system does a password change every time the admin is finished
with the password (the admin 'checks out' the password for a specified
period of time, and at the end of that time the password is changed. If the
admin 'checks in' the password when they are done with it, the password is
changed immediately).
> Is there a way to generate password displays using clear, concise
> (unambiguous) language for reading over the phone or other verbal exchange
> including, should it be required, printing? (i.e. Password=bwFq displays
> as "[bravo][whisky][FOXTROT][golf]")
Customized displays can be created in Hitachi-ID, but as someone who has
worked in multiple organizations that have used phonetic alphabets, I
don't think it really helps. If users are not trained to understand what
they are hearing, they end up typing "bravowhiskyfoxtrotgolf", and if they
are trained to understand what they are hearing, the message will get
through, even if the two sides were trained with different phonetic
alphabets.
David Lang
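The mechanics discussed above (a checkout for a fixed period, rotation of the real password when it is checked in or the period lapses, and an audit trail of who got the password, when, and who approved it) together with the phonetic display from the question, as an added Python model that is not part of the original messages and is not Hitachi-ID's code or API. The host name, user names, approver and the fake clock are constructed for the walk-through; the spoken-word table uses the standard NATO spellings, so a "q" renders as [quebec].

```python
"""Toy checkout-style privileged password vault (constructed example).
The vault sets and records the real root password, releases it only through
an audited checkout, and rotates it on check-in or expiry."""
import secrets
import string
from dataclasses import dataclass, field
from typing import List, Optional

# NATO spelling alphabet plus spoken digits, for reading a password aloud.
NATO = {
    "a": "alfa", "b": "bravo", "c": "charlie", "d": "delta", "e": "echo",
    "f": "foxtrot", "g": "golf", "h": "hotel", "i": "india", "j": "juliett",
    "k": "kilo", "l": "lima", "m": "mike", "n": "november", "o": "oscar",
    "p": "papa", "q": "quebec", "r": "romeo", "s": "sierra", "t": "tango",
    "u": "uniform", "v": "victor", "w": "whiskey", "x": "x-ray", "y": "yankee",
    "z": "zulu", "0": "zero", "1": "one", "2": "two", "3": "three", "4": "four",
    "5": "five", "6": "six", "7": "seven", "8": "eight", "9": "nine",
}
PASSWORD_ALPHABET = string.ascii_letters + string.digits


def phonetic(password):
    """Render each character as a bracketed spoken word; upper-case letters
    become upper-case words so case survives the phone call."""
    words = []
    for ch in password:
        word = NATO.get(ch.lower())
        if word is None:
            raise ValueError(f"no spoken form for {ch!r}")
        words.append(f"[{word.upper() if ch.isupper() else word}]")
    return "".join(words)


@dataclass
class Checkout:
    user: str
    approver: str
    issued_at: int
    expires_at: int
    returned_at: Optional[int] = None   # set on check-in or expiry


@dataclass
class ManagedAccount:
    host: str
    password: str
    active: Optional[Checkout] = None
    history: List[Checkout] = field(default_factory=list)


class Vault:
    def __init__(self, clock):
        self._accounts = {}
        self._clock = clock   # injected so rotation timing is testable

    @staticmethod
    def _new_password(length=20):
        return "".join(secrets.choice(PASSWORD_ALPHABET) for _ in range(length))

    def enroll(self, host):
        # Taking the account under management: the vault sets a password only
        # it knows (a real system would also push it to the host).
        self._accounts[host] = ManagedAccount(host, self._new_password())

    def _rotate(self, acct, now):
        acct.active.returned_at = now
        acct.active = None
        acct.password = self._new_password()

    def _expire_if_due(self, acct, now):
        # Lazy expiry: a lapsed checkout is closed and the password rotated
        # the next time anything touches the account.
        if acct.active is not None and now >= acct.active.expires_at:
            self._rotate(acct, now)

    def checkout(self, host, user, approver, ttl):
        """The only read path: every release records who, when, and approver."""
        acct = self._accounts[host]
        now = self._clock()
        self._expire_if_due(acct, now)
        if acct.active is not None:
            raise RuntimeError(f"{host}: checked out to {acct.active.user}")
        acct.active = Checkout(user, approver, now, now + ttl)
        acct.history.append(acct.active)
        return acct.password

    def checkin(self, host, user):
        """Admin is done early: rotate now instead of waiting for expiry."""
        acct = self._accounts[host]
        if acct.active is None or acct.active.user != user:
            raise RuntimeError(f"{host}: no checkout held by {user}")
        self._rotate(acct, self._clock())

    def audit(self, host):
        return [(c.user, c.approver, c.issued_at, c.returned_at)
                for c in self._accounts[host].history]


def demo():
    """Constructed walk-through with a fake clock (seconds)."""
    now = [1000]
    vault = Vault(clock=lambda: now[0])
    vault.enroll("db01")
    p1 = vault.checkout("db01", "dlang", "oncall-mgr", ttl=3600)
    now[0] += 4000                      # first checkout lapses unreturned
    p2 = vault.checkout("db01", "mtiernan", "oncall-mgr", ttl=600)
    vault.checkin("db01", "mtiernan")   # rotated again immediately
    return vault, p1, p2
```

In the walk-through the first checkout is never checked in, so it is closed and the password rotated the moment the next checkout touches the account; the second admin checks in right away and gets a second rotation. `audit()` is the "who got the password when, and who approved it" record; the emergency retrieval from a console or a laptop on a crossover cable still goes through `checkout()`, so it is logged the same way.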
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/