Giving root access to outsourced sysadmins.

If I were to outsource some or all of my system administration, offshore or not, the issue comes up of giving out the root password. I'm primarily a businessman, who knows enough of the tech stuff to be dangerous -- to myself. I would prefer in my role as CTO to be the *only* one who knows the root password. If I'm killed, my attorney knows what to do to obtain it.

I can accomplish this by allowing only myself to edit the sudoers file (which can only be done by root). I can allow any user account full privileges via sudo. All the outsourced admin needs to do is execute sudo sh. This gives me an audit trail of everything that's done, right?

What I don't know is what the sysadmins out there think of me doing it this way. Does this hamper anything you would need to do? Do you really need your preferred shell installed with any other than normal privileges, if at all?

 

 

 

 

Top