| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
|
| 5 |
On 10/08/2010, at 11:44 AM, Frank Steinmetzger wrote: |
| 6 |
|
| 7 |
> Am Dienstag, 10. August 2010 schrieb Paul Hartman: |
| 8 |
> |
| 9 |
>> Typing that long password into sudo every time I ran a command was a |
| 10 |
>> hassle |
| 11 |
> |
| 12 |
> I’ve never used sudo, and never really liked the idea of it. In fact I’m |
| 13 |
> always amused and slightly annoyed by the sheer amount of sudo one can find in |
| 14 |
> your typical ubuntu howto. ;-) |
| 15 |
> |
| 16 |
> It’s one reason why I abstained from installing Truecrypt 6, because it |
| 17 |
> requires sudo (Yes I know, in default setup you can’t do much with it. It is |
| 18 |
> but an issue of principle). However, because I need root commands regularly |
| 19 |
> (for example to initiate the VPN to my uni’s WiFi), I usually have one tab in |
| 20 |
> Yakuake where I do a normal su once after login. |
| 21 |
> |
| 22 |
> And for more safety on my part, I also use different prompts: red hostname for |
| 23 |
> root console, green user@hostname for nonroot. |
| 24 |
> -- |
| 25 |
> Gruß | Greetings | Qapla' |
| 26 |
> What’s right is right, otherwise it’d be wrong. |
| 27 |
|
| 28 |
I hope you realise the use of "sudo -i" will give you a root shell just like su. The reason sudo is preferred is that it means between multiple administrators, you can eliminate the need for a shared password. sudo can also control who and what groups can access sudo, and even subsets of commands. |
| 29 |
|
| 30 |
sudo also has a "grace timer" in which once you prove your identity with your password once, you can use sudo without a password for a period of time after that. This can also be canceled with sudo -k |
| 31 |
|
| 32 |
In terms of system administration best practices, sudo is the way to go. You will see it used in all server administration tasks to escalate privileges, in a secure manner. |
| 33 |
|
| 34 |
William Brown |
| 35 |
|
| 36 |
pgp.mit.edu |
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
-----BEGIN PGP SIGNATURE----- |
| 41 |
Version: GnuPG/MacGPG2 v2.0.14 (Darwin) |
| 42 |
|
| 43 |
iQIcBAEBAgAGBQJMYLhgAAoJEHF16AnLoz6JhJ8QAL5SO5DRmcQ3wXLdtMZooACu |
| 44 |
WT4qyfKBnfMqakLJlSWYOH6tuIoK/mVYpeCpQmjpTuKaE90tnLnngCOVnG7puyqG |
| 45 |
LkPBNew3iOsO0JJcNzCcMiwWQ1C7d2hkSyNl48FVwBwaVgbPmWL6flPLxwHxdbU1 |
| 46 |
O2Kke8ku2dAVRTg9NdnPnTcc7y1h2/VYLwqSY10ybHS4I6a7YuhEIeGZtCqfEZ6d |
| 47 |
0WkbUaU2IJFEVskR2pRV3Oh8FOgjW1XpYPzGrzQgpByghVgDxalFpC89g3xVw2ue |
| 48 |
bbRZNcn6NfZnfS/ltsCLr0mzSkV9xUXtYJkSQWN2jZbXM5rr+5gQXk1CqYLeDkjS |
| 49 |
4HFST6bFfUUl7KMlo/mfH7PSD3Coa1J/DwcZFM9xkMx/sTy/TDsQhG1Qgb5jSn4u |
| 50 |
/TVYRwkvNj/KXBolDPcEQkZ6h35R8h9gGFRaW9u1+O2YyLC8uOyFUhd0iHNo0+s0 |
| 51 |
r4Q0wiwnY7I5CI2ZQ5h2blbYzqyvgSa43rYp3rho9cp4LktDKO2qfoIW/CV/0Q6r |
| 52 |
NmWcuzaU17QTAQn8VL2SUfG0zqXgCI4NlQcU8iNnYFRGUTvdx4crjzrgIqYm2rc+ |
| 53 |
PbpFuLl4Uz000hsQYXWfy9hwIMbxilT4F9AOpKmyU392GZ/22WUvoMk2uhzt8aCf |
| 54 |
w44gvZvW1e44buFM2L/z |
| 55 |
=AR4J |
| 56 |
-----END PGP SIGNATURE----- |
Archives