This script will email you a daily report about users which have passwords on your system. Exclude list for users is supported.
It will run from cron.daily and generate a report which will be sent to email address which you specified in the configuration file. All other lines in configuration file are newline separated users which will be excluded from the check.
It was written mainly for RedHat-based Linux distros, that's why it's configuration file is located at /etc/sysconfig/
In general scenario:
- on the hardware node (a box which hosts virtual machines) you will exclude `root' in your configuration file, because all other users will use their ssh-keys to access this box, and root password (random generated at least 16 characters long) was kept as an back door to your box.
- on the virtual machine/container you won't exclude anyone, because there is no need in root's password there (in the case of OpenVZ you can easily get access to the container) and all other users will use their ssh-keys to access this container.
View full history Series and milestones
trunk series is the current focus of development.