Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

Linux / bind credentials

So I'm looking at running the BIND scripts on our primary DNS server but I'm running into a couple of security questions that have me stymied - Have folks come up with workarounds for it?

First, root access through ssh is disabled; users can log in as themselves and either sudo or su to get root access. Obviously in the script rndc isn't normally even usable by non-root users, but it's going to be tough to change this policy.

Second, assuming we can log in as root our bind implementation uses a rndc key for authorization, so I'd have to import that into the script as well. Not too bad if we do have root access, but another headache.

I'm curious to hear how other people are running the monitor.

Find more posts tagged with

Linux

bind

credentials

Accepted answers

All comments

aLTeReGo

I've worked with a handful of customers to set this up but none have been as security conscious as you. Some customers do need to modify the script to allow it to SU to root but as a general rule we recommend changing the permissions of the file to allow non-root users to execute the command. You will need to alter the script slightly to pass your mdc key properly regardless of which route you take.