We are currently facing a challenge in securely providing users with sudo/root access.
Our requirement is to allow users to log in to servers and perform tasks with elevated permissions without retrieving or exposing the root password.
Currently, when users launch a PuTTY session, it does not prompt for additional permissions initially.
However, once they attempt to execute commands using sudo (the user is LDAP-authenticated with sudo privileges), the system requests a password.
We have enabled password retrieval from Password Safe. Our concern is that enabling password retrieval for such access would violate our internal security policies.
We are looking for a secure solution that allows users to perform sudo tasks during the PuTTY session without compromising password security.
