Team Security

Each team needs to take basic security precautions:

Disable inactive teammate accounts after >3 months of inactivity

• Remove inactive teammates from /etc/doas.conf and from group wheel

Change passwords for shared root accounts every 6 months. For example, web panels with serial console access should have their passwords reset. This basic precaution helps security leaks.

• Make sure to share the new passwords with your teammates!

Check /etc/doas.conf, /etc/group, and /etc/master.passwd (use [vipw only to prevent file corruption.md) to make sure that only authorized users are present

Check /etc/doas.conf, /etc/group, and /etc/master.passwd (use [vipw only to prevent file corruption.md) to make sure that only authorized users are present