How to manage credentials on multiserver environment

Posted by rush on Server Fault See other posts from Server Fault or by rush
Published on 2013-06-20T12:24:07Z Indexed on 2013/06/25 4:23 UTC
Read the original article Hit count: 510

I have a some software that uses its own encrypted file for password storage ( such as ftp, web and other passwords to login to external systems, there is no way to use certificates ).

On each server I've several instances of this software, each instance has its own password file.

At the moment number of servers is permanently growing and it's getting harder and harder to manage all passwords on all instances up to date.

Unfortunately, some servers are in cegregated network and there is no access from them to some centralized storage, but it works vice versa.

My first idea was to create a git repository, encrypt each password with gpg and store it there and deliver it within deployment system, but security team was not satisfied with this idea and as it is insecure to store passwords in repository even in encrypted view ( from their words ).

Nothing similar comes to my mind. Is there any way to implement safe and secure password storage with minimal effort to manage all passwords up-to-date?

ps. if that matters I've red hat everywhere.

© Server Fault or respective owner

Related posts about deployment

Related posts about password-management

  • Company Password Management

    as seen on Server Fault - Search for 'Server Fault'
    The topic of personal password management has been covered in great detail time after time. This question is aimed at the business or organization that needs to keep track of many unique passwords for many clients. What are some strategies/tools or ideas you all have for accomplishing this task? I… >>> More

  • Company Password Management

    as seen on Server Fault - Search for 'Server Fault'
    The topic of personal password management has been covered in great detail time after time. This question is aimed at the business or organization that needs to keep track of many unique passwords for many clients. What are some strategies/tools or ideas you all have for accomplishing this task? I… >>> More

  • Unix Password Management Keyring

    as seen on Super User - Search for 'Super User'
    I am looking for a password manager for a command-line Unix environment. So far all I can find are keyring applications for Windows, Linux, and Mac. But no command-line Unix interfaces. My main goal is to be able to access a password keyring through an SSH connection to a machine that has no graphical… >>> More

  • Password Management for Oracle WebLogic customers

    as seen on Oracle Blogs - Search for 'Oracle Blogs'
    One of the most common requests for enhancements I get across my desk is that customers wish to allow end users to change their passwords from our products. Now, typically password management is not in the realm of individual applications but it is an infrastructure requirement, so we don't usually… >>> More

  • Local Password Management

    as seen on Super User - Search for 'Super User'
    In our office (and I am sure many others) we access various websites and tend to share one account with our team. For example, we share credentials to Ebay and change them every few weeks to maintain some sense of security. However, we know this does not allow for any type of accountability for… >>> More