On Mon, 30 Apr 2012, Robert Nesius wrote:

> On Mon, Apr 30, 2012 at 9:58 AM, Mike Miller <mbmiller+l at gmail.com> wrote:
>
>> I get your idea -- anyone connecting using the keys wouldn't be able to 
>> use sudo unless he knew the sudo password.  That's good, but can't that 
>> also be accomplished by having a sudo password that is different from 
>> the user password?  (Which is what I was asking about above.)  I have a 
>> different user password on every machine I log into, and I could easily 
>> also have a different sudo password, too.
>
>
> I've never seen the sudo password different from the user's system 
> password.  I did some google searches and saw one mechanism for doing 
> it, which I found interesting.  Are you directing sudo to target another 
> user to facillitate authentications?  Doesn't that mean everyone using 
> sudo on the system is using the same account for authentication?  I'm 
> curious to know more about what you're doing here.

I haven't done it.  I just thought it was possible to have a different 
sudo password than user password, just like one may have a different root 
password than user password.  I don't know what the possibilities are -- 
for example, can every user with sudo permissions have a different sudo 
password that is also different from their user password?  I don't know.

On systems where I can sudo to get root permissions, I am always the only 
one who may do so, so I haven't looked into what happens with multiple 
sudo'ing users.

Mike