[nycbug-talk] Public-key sudo?

Bob Ippolito bob at redivi.com
Sat Jan 7 14:31:25 EST 2012


I'm trying to catch up on the past few years of what's been happening with
ops (ec2, puppet, chef, etc.) and I was wondering if public-key sudo has
caught on at all?

It annoys me every time I have to type in my password, and it bothers me
more that it would be straightforward to lift my password in plaintext if I
sudo on a compromised host. I started searching around and saw that there
was a talk back in 2008 [1] that covers some implementation of this idea. I
haven't listened to the talk yet, but is there an implementation available
somewhere? Do people use it? On which platforms?

Yes, I know I can avoid sudo altogether and just add my public key to root.

[1] http://www.nycbug.org/index.php?NAV=Home;SUBM=10160

-bob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20120107/aa4ee6d0/attachment.htm>


More information about the talk mailing list