GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Root authentication for several system administrat...
Operating System - HP-UX
1850082
Members
1980
Online
104050
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-13-2005 11:47 PM
02-13-2005 11:47 PM
Root authentication for several system administrators
Hello all,
does anyone know a smart way to
authenticate several individuals who need
root access to a hp-ux server for admin
purposes? Is there a feasable way to use
only one root account and not necessarily
a separate individual account for every
admin user? (maybe using ssh)
One way is definitly to create an individual
account for every person and then use sudo.
Still I would need to track the issued commands
for every root user.
Martin
does anyone know a smart way to
authenticate several individuals who need
root access to a hp-ux server for admin
purposes? Is there a feasable way to use
only one root account and not necessarily
a separate individual account for every
admin user? (maybe using ssh)
One way is definitly to create an individual
account for every person and then use sudo.
Still I would need to track the issued commands
for every root user.
Martin
4 REPLIES 4
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-13-2005 11:57 PM
02-13-2005 11:57 PM
Re: Root authentication for several system administrators
Martin,
disable all direct root login bar from the console.
Then the users will have to use their own userids to log onto the system. From there they can use su to switch to root.
All the switches are record in sulog.
Any Help?
Regards
disable all direct root login bar from the console.
Then the users will have to use their own userids to log onto the system. From there they can use su to switch to root.
All the switches are record in sulog.
Any Help?
Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-13-2005 11:58 PM
02-13-2005 11:58 PM
Re: Root authentication for several system administrators
HP has a new product (FOR FREE) that will do that:
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=AccessControl
live free or die
harry d brown jr
Live Free or Die
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-14-2005 01:16 AM
02-14-2005 01:16 AM
Re: Root authentication for several system administrators
For tracking individual admins - this is what we do for root's .profile:
# Set up logging
HISTFILE=${HOME}/.sh_history_`who am i|awk '{ print $1}'`
date >>$HISTFILE
export HISTFILE
HISTSIZE=500
export HISTSIZE
Rgds...Geoff
# Set up logging
HISTFILE=${HOME}/.sh_history_`who am i|awk '{ print $1}'`
date >>$HISTFILE
export HISTFILE
HISTSIZE=500
export HISTSIZE
Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-14-2005 02:32 AM
02-14-2005 02:32 AM
Re: Root authentication for several system administrators
The best solution to track actual commands is to use sudo. While root's .sh_history file will track specific commands, any root user can remove the file or try to edit it (it contains binary codes used by the shell) which will render the file unreadable by the shell. sudo does not require the root password and you can restrict each user to a limited set of commands that they are allowed to use. And every command, whether successful or not, will be recorded in the sudo log entries.
Bill Hassell, sysadmin
Bill Hassell, sysadmin
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2026 Hewlett Packard Enterprise Development LP