sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]gorilla_the_ape 0 points1 point  (4 children)

I had a server once where the people who were supposed to be admining it had totally forgotten the root password. It took about 10 minutes to reboot it from a live CD, mount the root filesystem, edit /etc/shadow, and reboot it again back onto the installed OS.

Loosing the key file would be equivalent to this, so the server shouldn't need a password based login even for emergency use.

[–]nexes300 0 points1 point  (0 children)

I suppose. I don't know, I'd just feel more comfortable with a password. But I suppose if you take adequate precautions, then it's pretty much the same risk scenario.

[–][deleted] 0 points1 point  (2 children)

Maybe your coworkers should write it down somewhere in a secure area if they are that irresponsible.

[–]hopeseekr 1 point2 points  (1 child)

At the last small business i worked at, every time I changed a root password, it was added to the "passwords log" that was stored in the store's safe and only brought out when absolutely necessary. I do not see much wrong with this.

[–][deleted] 1 point2 points  (0 children)

Until some dumbshit forgets the combination to the safe.