I am still fairly new to linux hosting and am currently working on some policies for our production ubuntu servers. The servers are public facing webservers with ssh access from the public network and database servers with ssh access from the internal private network. We are a small hosting company so in the past with windows servers we used one user account and one password that each of us used internally. Anyone outside of the company who needed to access the server for FTP or anything else had their own user account. Is that okay to do in the linux world, or would most people recommend using individual accounts for each person who needs to access the server?
SnapOverflow
It's mater of taste, however from security reasons, I think it's better to have more users. Why? Because even "internal workers" of your company may have different works so they need different privileges. It's always better to give only the minimal rights for a given function/program/user/etc which is just enough. If you have only one user for more people, you may need to give more rights, so many people using that single user will have more rights than they need. It can be an issue if that account is cracked, or even if a worker make a mistake like removing files, etc, many examples can be mentioned. Also the worker itself can be an enemy (it's quite usual think in the IT ground ...) so it's better to separate people/their rights etc. I guess it's not an Ubuntu specific topic, it's about all OSes. That's also a reason that Ubuntu - unlike many other Linux and/or UNIX distributions - don't have root user by default (cannot be logged in, since no valid password): it's quite dangerous to log in as root, since you (or anybody who managed to log in ...) have "unlimited" access. It's always better to have more fine tuned security system than "all or nothing".