I will break this question down:
Problem - Find a solution that allows system admins access to EVERY
server on the network, BUT still leave the master.passwd in place for
Currently, I have about 1000+ servers (all FreeBSD) under my team's
care. The network has grown over a 3 year period of time and, at the
time, no thought was given to the fact that maintaining user accounts
on 1000 servers would become a nightmare.
Each server has approx. 3 logins:
1. A normal tech login (no su - non-wheel) - for observation
2. user 0 login (root)
3. Customer Login (The person who actually has their data and
websites) - Usually has NO su capabilities
Because of the amount of servers and existing usernames, it would be
difficult to bring everyone into a NIS setup. Additionally, it would
seem too cumbersome because other than admins, the one username only
needs to access one machine.
I investigated Kerberos, but I do not feel comfortable having more and
more daemons running, i.e., future security holes and having to update
1000+ machines if another Kerberos hole pops up.
Here is what I am looking for:
1. A system that will allow the normal master.passwd to control all
users that are currently entered into, BUT sync users off of a master
server for admin accounts.
2. The ability to nuke the admin accounts off of all the servers
quickly in the case of an employee termination (took 1 day previously
to clean the servers of one admin's login). This eliminates user
accounts on each server and SSH certs...
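One daemon-free way to meet both requirements, as an added example that is not part of the original post: a script run on each FreeBSD server (e.g. over ssh from the master) that adds admins from a central list with pw(8) and removes any local admin no longer on that list, leaving the tech, root and customer entries in master.passwd untouched. It assumes admins are marked by membership in a local group (here `sysadmins`) and that the master list uses a constructed `login:ssh-public-key` line format.

```shell
#!/bin/sh
# Added example (not the poster's code): sync admin accounts on a FreeBSD
# host from a central list, leaving every other master.passwd entry alone.
# Assumptions: admins are the members of the local group $ADMIN_GROUP, and
# the list fetched from the master has one "login:ssh-public-key" line each
# (a constructed format, not a FreeBSD one).
ADMIN_GROUP="${ADMIN_GROUP:-sysadmins}"
# Logins currently in the admin group, read from the given group(5) file.
current_admins() {
    awk -F: -v g="$ADMIN_GROUP" '$1 == g {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
    }' "$1"
}
# Logins on the master list ($1) that are not yet in the group file ($2).
to_add() {
    tmp=$(mktemp) || return 1
    current_admins "$2" | sort -u > "$tmp"
    cut -d: -f1 "$1" | sort -u | comm -23 - "$tmp"
    rm -f "$tmp"
}
# Admin logins present locally but gone from the master list: revoke these.
to_remove() {
    tmp=$(mktemp) || return 1
    current_admins "$2" | sort -u > "$tmp"
    cut -d: -f1 "$1" | sort -u | comm -13 - "$tmp"
    rm -f "$tmp"
}
# Apply the difference with pw(8); must run as root on each server.
apply_sync() {
    list="$1"
    for u in $(to_add "$list" /etc/group); do
        key=$(awk -F: -v u="$u" '$1 == u { print $2 }' "$list")
        # -w no: no password is set, so the account is reachable by key only
        pw useradd "$u" -G "$ADMIN_GROUP" -m -s /bin/sh -w no
        install -d -o "$u" -g "$u" -m 700 "/home/$u/.ssh"
        printf '%s\n' "$key" > "/home/$u/.ssh/authorized_keys"
        chown "$u" "/home/$u/.ssh/authorized_keys"
        chmod 600 "/home/$u/.ssh/authorized_keys"
    done
    for u in $(to_remove "$list" /etc/group); do
        # -r also deletes the home directory, and with it authorized_keys
        pw userdel "$u" -r
    done
}
# Usage on a server: sh sync-admins.sh sync /path/to/fetched/admin-list
if [ "${1:-}" = "sync" ]; then apply_sync "$2"; fi
```

Because a terminated admin is simply dropped from the master list, the next sync run removes that login and its key from every server in one pass.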