which is better for sudo: ldap accounts or sudo auto via ssh keys?
alexmiroslav at gmail.com
Thu Dec 26 21:02:02 UTC 2013
I have a bunch of servers that I'm trying to tighten down.
>From a security standpoint, which would be more secure:
- having users login from an ldap account and use that same password
to authorize themselves to sudo
- or do away with passwords entirely and have them login with ssh keys
only (easy to do) and then authenticate to sudo with ssh keys (from a
search, apparently this is doable). I would also like to enforce that
the ssh-keys have passwords on them
More information about the freebsd-questions