From mboxrd@z Thu Jan 1 00:00:00 1970 From: Thornton Prime Subject: Re: Different root passwords Date: Thu, 9 Dec 2004 12:46:38 -0800 Message-ID: <2d7eccf504120912466bee20c4@mail.gmail.com> References: <41B8B632.5060608@netual.pt> Reply-To: thornton@yoyoweb.com Mime-Version: 1.0 Content-Transfer-Encoding: QUOTED-PRINTABLE Return-path: In-Reply-To: <41B8B632.5060608@netual.pt> Sender: linux-admin-owner@vger.kernel.org List-Id: Content-Type: text/plain; charset="iso-8859-1" To: =?ISO-8859-1?Q?M=E1rio_Gamito?= Cc: linux-admin@vger.kernel.org On Thu, 09 Dec 2004 20:31:46 +0000, M=E1rio Gamito w= rote: > Is it possible to have in Linux different root passwords, for the sam= e > machine: one for accessing it inside the intranet and another for > accessing through the internet ? >=20 > I know FreeBSD does this. Can you send a link to documentation on this feature in FreeBSD? I'm having difficulty understanding the purpose of it, though I'm sure it can be accomplished. In general, allowing access to remote root logins by password alone is not something I'd recommend. If you want to restrict access by interface, a much more secure mechanism is to use SSH keys and restrict access by interface by SSH keys. The different keys can have different passphrases, which sounds like it would do what you want. There are other ways of restricting access by interface, though it is difficult to know which will work for you without understanding the mechanism of the FreeBSD feature you wish to emulate. thornton - To unsubscribe from this list: send the line "unsubscribe linux-admin" = in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html