Andrew Doran wrote:
> 
> Brian Seklecki <lavalamp@burghcom.com> wrote:
> 
> > Not to nitpick, but in a vacuum, you can ssh into a system as root, but
> > in production, you would probably never want to permit anyone to do that
> > (even/especically if you're using RSA/DSA key authentication).
> 
> What if you've got to look after more than one machine, or you've got more
> than one administrator and you want to use ssh? Pretend for a second that
> Kerberos never existed - what would you do then?

Do what I do (22 machines, 8 admins).

- Give each person a login account on the machines in question.  
- Make each person a member of the wheel group.
- Disable root login via ssh.
- Have them log in as themselves.
- Have them 'su'.

This way, my root passwords are kept one layer away from the Internet
and I know who did what as root, since the 'su' is logged.

I don't use Kerberos, so I'm not sure what the issue is.  It just 
means (to me) that every machine is it's own security island.