Sharing your SSH / FTP access with tech guys or other owner / admin?

[Floris]

If you hire a tech guy, or have a shared owner, or have additional admins. You trust them right? Otherwise they wouldn't be in that position. Would you trust them enough to get shell or ftp access (or whm, cpanel, whatever)?

They can help manage the backups or fix bugs, etc.. But even if you trust them, would you give them access to your account with ftp and even ssh shell, or keep that to yourself?

One solution I have come up with is 24 hour rolling back ups of the images directory. Which is an account, which the designer might have access to, preventing the guy or girl from accessing other directories on the server.

What do you do, how much access do you share, and how have you prevented abuse?

 

[imported_Brian]

Sharing by means? Granting them the access? Well, it depends whether temp or perm. But if I were to trust a person, I won't hold back anything. I'm one who hates playing mind game.

 

[Mikey]

The user never gets access to my account, or an account with any sudo privileges, but they do get their own restricted account. All actions any user takes should be logged, regardless of whether you trust them or not. This sounds harsh but eh, all your sites are on this one server (if you're smart you have backups), and one wrong move by an inexperienced user or even a wrong move by an experienced user who isn't thinking opens you up to hackers and insecurities.

Run an old version of a software for a friend, etc, it all creates vulnerabilities malicious users can exploit.

 

[Heretic121]

In respect to remote access to my server: If I trust someone enough to give them an account, which is a feat in itself, then I don't hold back.
In respect of web based accounts: I'm not big into giving any elevated privileges to people unless I've known them for a /long/ time.

 

[melbo]

The only ones with access to SSH and SFTP access are my host. When it comes to server admin outside of my managed dedicated, it's just me.

There are some that I would trust because they are friends and wouldn't trash my server intentionally... it's just that they might trash my server by accident.

 

[Vincent_imported]

I give all my administrators FTP Access. No SSH access, it's something only one person should have access too.

PHPMyAdmin can be installed if they'd like to alter the MySQL Tables.

 

[Jason_imported]

My admins manage the community, technical side is all handled by me so I need no need for them to have greater access.

I've always been the one who has funded/started projects though, i'm sure if I went into a partnership and there was equal input/ownership i'd be happy to share everything.

 

[Ingenious]

Bit late to this one, but I wanted to add I would not trust anyone with any form of access they could trash the site with, intentionally or not. Even then I'd create an additional access for them which granted the same rights but which I could remove afterwards.

Life has taught me, it's the ones you trust most who shaft you!

 

[CurveGotti]

I very rarely share login's for anything beyond the software on the site's administrative level, there is usually no need, and when there is I create a temp account and delete it once any task they are working on is complete.

 

[Steven Moore]

I'm try to avoid getting anything such as SSH information to make the client feel secure in hiring me.

 

[CurveGotti]

I'm try to avoid getting anything such as SSH information to make the client feel secure in hiring me.

I try and do the same thing when I am working on other sites, not only do I try to avoid needing access to certain things, but I explain why they should be more careful about offering such access when they do try and give me the passwords. I always tell them to only give it when someone specifically asks for it for a specific reason that they can confirm is a legitimate need.

 

[Medora_imported]

I have several fellow administrators. Although I only shared FTP and phpMyadmin access with one of these administrators, it is not because I trust the others any less; rather, it has to do with circumstance.

For example, my forum started out on a free host before this fellow administrator offered to host it for me for free. And after it was moved to a paid host, he generously donated his time and effort to make the strenuous conversion of the forum from phpBB 2.x to vBulletin 3.x.

In short, he has done just as much (if not more) for the forum than me, and giving him complete access just naturally happened. As for the other administrators, they have never concerned themselves with the tech side of the forum; they are concerned only with the management within the forum itself rather than behind the scenes.