On Thu, 2005-08-04 at 21:22 +1000, Ken Foskey wrote: > Got this one today, strange one: > > "Do you know if it is possible to setup a Linux redhat server to require > two passwords to gain root access? The responsibilities for the server > are going to be split over two different teams and we don't want either > to have root access without the other team knowing about it. Please let > me know if you can come up with something." > > Basically they would like to set up the machine so that it requires two > people to sign in to root, an application guru and an administrator. > If anything is destroyed then they are both accountable as they look > over each others shoulders. > > Anyone ever done something like that?
Nope, but it sounds like a variation on standard two-factor systems (i.e. rsa smartcard + password) - and the techniques that they use to enforce access at the pam level are probably applicable. Rob -- GPG key available at: <http://www.robertcollins.net/keys.txt>.
signature.asc
Description: This is a digitally signed message part
-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
