Search
Navigation
Top 60 Oracle Blogs
certificate authority
Solving accountability for ssh/linux servers without creating personal accounts
One of the continuing issues that I see is accountability (who did what on what server) on Linux or other operating systems that are using ssh.
The traditional solution for this problem is personal accounts, which provides logon and logoff registration.
Personal accounts often do have the least amount of rights which means typical administration tasks can not be done with them, in order to actually do something you need to sudo to an application account or root, which is logged by sudo, on enterprise linuxes to /var/log/secure. So some important facts are logged (logon/logoff/switching users), but a lot of important things are not logged at all, or maybe can be indirectly derived by combining data of operating system audit together with application specific logging.
.png){kind=small}
TweetsPopular content
Today's:
Monthly archive
- July 2020 (6)
- June 2020 (49)
- May 2020 (50)
- April 2020 (64)
- March 2020 (62)
- February 2020 (59)
- January 2020 (90)
- December 2019 (48)
- November 2019 (47)
- October 2019 (64)
- September 2019 (40)
- August 2019 (42)
- July 2019 (45)
- June 2019 (37)
- May 2019 (43)
- April 2019 (49)
- March 2019 (61)
- February 2019 (25)
- January 2019 (35)
- December 2018 (39)
- November 2018 (55)
- October 2018 (75)
- September 2018 (38)
- August 2018 (89)
- July 2018 (58)
- June 2018 (61)
- May 2018 (66)
- April 2018 (40)
- March 2018 (61)
- February 2018 (67)
Recent comments
2 years 23 weeks ago
2 years 35 weeks ago
2 years 39 weeks ago
2 years 40 weeks ago
2 years 45 weeks ago
3 years 14 weeks ago
3 years 34 weeks ago
4 years 12 weeks ago
4 years 48 weeks ago
4 years 48 weeks ago