@jpmens@ripienaar even for my own machines… I don’t want to have to deal with a root password. Sure, maybe “really” is a better tool for this. But… I had never even heard of it until this article. And sudo is only complicated if you make it so.
@jpmens@ripienaar I mean no password on my local machine. And no, I can’t imagine ever allowing remote root login, so I need it when connecting to other machines, too.
I have used NOPASSSWD in the past, but mostly for service accounts. Personally I prefer to be asked for a password, so I have a chance to wonder if I really want to do this.
@jpmens@ripienaar heh, I find this one fun as a semi-beginner admin test question. “Why does this sudo command not allow you to overwrite root-owned files?”
I’ve worked with plenty of “senior” admins who could not answer, at least back in the day. I keep hoping standards are higher now.
@jpmens I’m a bit torn over the “remote login as root”. Yes, it has been rendered meaningless by tools like ansible requiring unattended privilege escalation. Or configuring sudo to do passwordless escalation. I still feel it is great for situational awareness and the “look before you leap” approach. Something that got me in hot waters with my co-workers from time to time.
@jpmens@rvstaveren that’s a fair point. The issue is not sudo, but lack of knowledge on security procedures and the need to have privileged accounts to ensure secure systems.
Add comment