August 8, 2017

Sysadmin pet peeve - don't use root!

Sysadmin pet peeve - don't use root!

There are people (I was one of them) who just use root account on servers for managing them, deploying apps and also share this single account with other sysadmins and even with developers.

Reasons are always the same: "This is easiest way to get things done", "Trust me, I know what I'm doing." or similar answers to these two.

And when you get a bad habit of using only root account you start using it in places where you definitely should not do that! Like on your production servers that have public IP.

Just stop it! :)

And it is really not that hard to add additional users and increase security of your server:

adduser developer1
adduser developer2
adduser devops1
adduser devops2

See? Easy.

Ok, actually there is a bit more than this... now you need to setup groups and permissions, but first step is really easy.

And now add some users to sudo group on Debian/Ubuntu systems:

usermod -a -G sudo devops1
usermod -a -G sudo devops2

or on CentOS/Fedora systems:

usermod -a -G wheel devops1
usermod -a -G wheel devops2