Ask HN: Best practices for securing clustered services
I'm currently setting up a scalable application and was wondering what the best security practices are for a multi-server setup.
Currently I use SSH key authentication on each server - but how do I handle passwords for sudo? Should I disable sudo password checks? Should I use the same password for every server and rotate it every week? How about database passwords? Should I remove the need for a password by SSH tunnelling to the master DB server?
Thanks in advance!
0 comments
[ 4.7 ms ] story [ 14.2 ms ] threadNo comments yet.