Different root passwords

Different root passwords

[Mário Gamito]

Hi,

Is it possible to have in Linux different root passwords, for the same 
machine: one for accessing it inside the intranet and another for 
accessing through the internet ?

I know FreeBSD does this.

Any help would be appreciated.

Warm Regards.
-- 
Mário Gamito
Administração de sistemas e desenvolvimento
Netual - Multimédia e Telecomunicações, Lda.
Rua João Afonso, Nº1
3800-198 Aveiro - Portugal
Tel. +351 234 371 431 / Fax. +351 234 371 438
E-mail: gamito@netual.pt
www.netual.pt
-
To unsubscribe from this list: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Different root passwords

[Thornton Prime]

On Thu, 09 Dec 2004 20:31:46 +0000, Mário Gamito <gamito@netual.pt> wrote:
> Is it possible to have in Linux different root passwords, for the same
> machine: one for accessing it inside the intranet and another for
> accessing through the internet ?
> 
> I know FreeBSD does this.

Can you send a link to documentation on this feature in FreeBSD? I'm
having difficulty understanding the purpose of it, though I'm sure it
can be accomplished.

In general, allowing access to remote root logins by password alone is
not something I'd recommend. If you want to restrict access by
interface, a much more secure mechanism is to use SSH keys and
restrict access by interface by SSH keys. The different keys can have
different passphrases, which sounds like it would do what you want.

There are other ways of restricting access by interface, though it is
difficult to know which will work for you without understanding the
mechanism of the FreeBSD feature you wish to emulate.

thornton
-
To unsubscribe from this list: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Different root passwords

[Jim C. Brown]

On Thu, Dec 09, 2004 at 08:31:46PM +0000, M?rio Gamito wrote:
> Hi,
> 
> Is it possible to have in Linux different root passwords, for the same 
> machine: one for accessing it inside the intranet and another for 
> accessing through the internet ?

I suppose one way to do this would be to set up 2 root accounts. This is done
by adding another user, and then manually changing the uid in /etc/passwd for
that user to 0. The 2 users (one of which will probably be called 'root') can
have different passwords.

Then set up internet access so that only one of the root users is permitted to
log in, and set up intranet access so that only the other root user may
log in (normally, it will be the user called 'root' that can only log in via
the intranet).

> 
> I know FreeBSD does this.

I am not familiar with how FreeBSD manages this.

> 
> Any help would be appreciated.
> 
> Warm Regards.

-- 
Infinite complexity begets infinite beauty.
Infinite precision begets infinite perfection.

Re: Different root passwords

[Mário Gamito]

Hi Thornton,

>>I know FreeBSD does this.
> 
> 
> Can you send a link to documentation on this feature in FreeBSD? I'm
> having difficulty understanding the purpose of it, though I'm sure it
> can be accomplished.
It's in Absolute FreeBSD book.

Regards.
-- 
Mário Gamito
Administração de sistemas e desenvolvimento
Netual - Multimédia e Telecomunicações, Lda.
Rua João Afonso, Nº1
3800-198 Aveiro - Portugal
Tel. +351 234 371 431 / Fax. +351 234 371 438
E-mail: gamito@netual.pt
www.netual.pt
-
To unsubscribe from this list: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html