Using ksu/sudo with Kerberos

Russ Allbery rra at stanford.edu
Mon Oct 4 17:38:54 EDT 2010


"Christopher D. Clausen" <cclausen at acm.org> writes:
> Russ Allbery <rra at stanford.edu> wrote:

>> We do this, except we use .k5login with a specific list of principals that
>> should have access to root.  I wouldn't use auth_to_local for...

> Note that depending upon your SSH setup, adding user principals to root's 
> .k5login (or auth_to_local rules) might allow one to log in directly as root 
> on the system via SSH.  In general, that is exactly what I prefer to do:

> ssh root at machine gets me in as root but logs that cclausen (or 
> cclausen/admin) made the connection.  Of course it doesn't log every 
> individual action, but IIRC neither does ksu.

Same here.  I prefer that to ksu since it doesn't expose the password on
the local system.

> I have PermitRootLogin set to without-password in sshd_config so that 
> Kerberos is allowed but not password-based auth for the root user.

Yup.  You may want to also disable public key authentication.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>
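
A check for the setup discussed in this thread (root login over SSH with Kerberos only, limited to the principals in root's .k5login), added here as an example and not part of the original message. The sample sshd_config, the EXAMPLE.ORG principals and the function names are constructed; only the global section is evaluated, so on a real host compare against the effective configuration from sshd -T, which also resolves Match blocks.

```python
# Added example: audit the root-over-Kerberos SSH setup described above.
# Sample inputs are constructed; realm and principals are placeholders.
SAMPLE_SSHD_CONFIG = """\
PermitRootLogin without-password
GSSAPIAuthentication yes
PubkeyAuthentication yes
Match Address 192.0.2.0/24
    PubkeyAuthentication no
"""
SAMPLE_K5LOGIN = "cclausen/admin@EXAMPLE.ORG\n\nrra/root@EXAMPLE.ORG\n"

# Values sshd uses when a keyword is absent (assumption: current OpenSSH defaults).
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "gssapiauthentication": "no",
            "pubkeyauthentication": "yes"}

def global_settings(config_text):
    """Keyword -> value for the global section (everything before the first Match).
    Keywords are case-insensitive and the first value seen for a keyword wins."""
    seen = {}
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if not parts:
            continue
        key = parts[0].lower()
        if key == "match":
            break
        if len(parts) == 2:
            seen.setdefault(key, parts[1].strip().lower())
    return {**DEFAULTS, **seen}

def audit_root_access(config_text, k5login_text):
    """Return (findings, principals) for a Kerberos-only root login policy."""
    s = global_settings(config_text)
    findings = []
    if s["permitrootlogin"] not in ("without-password", "prohibit-password"):
        findings.append("PermitRootLogin is '%s', not without-password" % s["permitrootlogin"])
    if s["gssapiauthentication"] != "yes":
        findings.append("GSSAPIAuthentication is off: Kerberos (GSSAPI) root login is unavailable")
    if s["pubkeyauthentication"] != "no":
        findings.append("PubkeyAuthentication is on: root's authorized_keys is a second way in")
    # Every principal listed in root's .k5login can authenticate as root over GSSAPI.
    principals = [p.strip() for p in k5login_text.splitlines() if p.strip()]
    return findings, principals

if __name__ == "__main__":
    findings, principals = audit_root_access(SAMPLE_SSHD_CONFIG, SAMPLE_K5LOGIN)
    for finding in findings:
        print("FINDING:", finding)
    print("root-capable principals:", principals)
```

On the constructed sample this reports the public key finding, because the Match block that turns it off applies only to one address range.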


