On 11/18/2011 07:33 PM, Gregory Machin wrote:
Hi.
We are using using PAM to authenticate users against Freeradius, an
that is working well. The problem is that the users are 3rd party
developers and some need root access. The issue we have is that the
radius secret is stored in clear text file. How can this be hidden so
that is can be misused ?
Is there a document on hardening Freeradius ?
Giving 3rd party users root access to servers with sensitive information
is dumb. Nothing is protected once you have root. You need to seriously
reconsider why anybody except a trusted small group of admins need root.
I can't seriously believe you're asking a question about hardening after
declaring you intend to give root away. The very first rule of hardening
is to restrict root access, all hardening efforts are a complete waste
of time once root is compromised.
--
John Dennis <[email protected]>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
