[sudo-blog] Securing the sudo to sudo_logsrvd connection
Todd C. Miller
Todd.Miller at sudo.ws
Tue Aug 24 13:46:22 MDT 2021
Using sudo_logsrvd to centrally collect sudo session recordings from your network is a huge step forward in security: users cannot delete or modify session recordings locally. However, by default, transmission of recordings is not encrypted, making it open to modifications and eavesdropping. Encrypting the connection between sudo and sudo_logsrvd can eliminate these problems. Larger environments usually either have in-house PKI tooling in place, or colleagues who know all openssl options off the top of their heads. ...
Read the full blog post at
https://blog.sudo.ws/posts/2021/08/securing-the-sudo-to-sudo_logsrvd-connection/
More information about the sudo-blog
mailing list