I'd like to hear from clients and providers on this issue. Should the dedicated server provider have your root password?

Why not?

When they need it sure. I rotate my password so it is not always the same but if I ask them to do something for me sure I give it to them . Why not? I mean heck if they wanted to do something bad to my server they have console access, they can cut the link, flip the switch etc. Besides the Scott, Mark and guys in the data center at DV2 are great to work with and I have no qualms about trusting them at all.

when they need it yeah

Originally posted by clocker1996
when they need it yeah That will probably be the most common answer. Many of us change our password, often. Then you just give it when it's needed.

right, only if i'd need their help with something, i'd give it to them. but change it afterwards again.

greets,

It's not a matter of trust, because as Monte pointed out, these guys can sit right down at your server and do their worst without a root password. It's just a matter of not wanting your password to be stored anywhere.

I give our provider passwords whenever they need them without a second thought. We just change the passwords often.

I give the root password out on my rackshack server when they need it, but I change it just for them and then change it back when they're done.

Aaron

yes
i also change it back :)

Yes I give it to them. If they really wanted to mess with me all they would need is a hammer.

Or toss it into single user mode and change it themselves and lock me out.

But now that I am adding stuff to the server, the apsswrods (al of them) will be in a one week rotation schedule. No password gets sued twice, has at least 5 numbers and 5 letters of mixed case and no words.

wow, now that's what i call paranoid! :)

Only if they ask :rolleyes:

There wasn't a "sort of" option on the poll.

I don't give them root access, but I do I give them sudo capability to shutdown and reboot.

Originally posted by Mike the newbie
but I do I give them sudo capability to shutdown and reboot. umm i don't believe it's possible "not to give them the ability to shutdown/reboot" :D

Originally posted by Mike the newbie
There wasn't a "sort of" option on the poll.

I don't give them root access, but I do I give them sudo capability to shutdown and reboot.

What do you mean you don't give them root access? They are your ded provider... they can sit right in FRONT of your machine physically... they HAVE root access already so

Originally posted by NetXL
I'd like to hear from clients and providers on this issue. Should the dedicated server provider have your root password?


what are you really wondering about? asking about if the person(s) that have total 100% PHYSICAL control of your server should have the root pass or not is like asking if you should let them replace a piece of hardware if they need to :) it's THEIR machine and if there was any reason what so ever not to give them your password (which I've been rereading this question for about 10 mins trying to figure what possible reason could exist) then it wouldn't matter:

reset switch
linux single
passwd root
imgod <enter>
imgod <enter>

:)

don't be so paranoid.

Originally posted by rastoma


What do you mean you don't give them root access? They are your ded provider... they can sit right in FRONT of your machine physically... they HAVE root access already so

The things they would need to do most are shutdown and reboot. For that they have sudo.

If they need to do something beyond that, they call me and I either give them the root password, or add another command to sudo.

You make it sound as if my dedicated service provider does things to my server without my permission. Perhaps your dedicated provider works like that, but mine does not (if they did, I would look for another provider immediately). If they need more access than I have given them, they ask for it and we discuss the best way to do it.

We work together to assure that problems get solved and servers stay secured.