On Thu, 2003-10-23 at 17:58, Fajar Priyanto wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thursday 23 October 2003 09:48 pm, Jack Coates wrote: > > .bash_history is cake; just kill -9 your own session instead of using > > logout or exit. wtmp is harder, that'll involve editing the logfiles. > > BTW, ssh has its own access log so check that one too for > > inconsistencies with wtmp. > > Thanks Jack, > The problem we're dealing here is the process of replacing our current > administrator because of - unfortunately - negative cause. > > So, right now he's still got his root password. Do you have any resource on > good practice how to replace administrator in safe and good way? > Thanks > - -- > Fajar http://linux.arinet.org ...
define good; there's not a lot of ways that don't involve hard feelings. Assuming that telling him it didn't working out and walking him to the door isn't a possibility, your options are all variations on a theme: change all the passwords when he isn't around, then scour the network looking for back doors and missed systems (probably with a consultant in tow to help document and make sure you don't miss anything). Good luck, -- Jack Coates Monkeynoodle: A Scientific Venture...
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
