|
|
Subscribe / Log in / New account

What about SSH?

What about SSH?

Posted Feb 21, 2024 23:25 UTC (Wed) by MarcB (guest, #101804)
In reply to: What about SSH? by oliwer
Parent article: Sudo and its alternatives

You don't even need Polkit for this.

If you use SSH with certificates instead of plain keys, you can use something like "AuthorizedPrincipalsFile /etc/ssh/principals/%u" and then list all the users (technically principals, now) that can log in as root in /etc/ssh/principals/root. The list doesn't even have to include root itself.

This is very valuable on systems where every login is for administrative purposes anyway.

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds