Centralized, encryption key / credential system

anomie

anomie

Honourable FreeBSD sysadmins and devs:

Any suggestions for a FOSS encryption key / authentication credential system? IOW, I need a safe place to stick me passwords -- where they can be accessed by others (which should eliminate any lewd replies). Data should be stored in encrypted form, using a known, vetted cipher (e.g. AES).

This needs to be something we can manage locally, rather than a third-party service offering. I don't care if it's web-based or if it requires some form of thick client.
 
I'm guessing you're looking for a password manager? Authentication and/or credentials are somewhat different.

My favorite unfortunately isn't in the ports tree, I use it quite a lot at work. http://keepass.org

Looking through the ports tree I do see security/gpass and security/gorilla. Neither look like they're centralized though.

One idea is to store the keys/passwords in an LDAP database.
 
Yes, I need a place to keep passwords, encryption keys, et al.

This data will need to be encrypted, such that if someone were to walk off with the disk, they'd have a good bit of work ahead of them to get anything useful. (i.e. Clear text in a db or flat file won't do.)

I will take a close look at KeePass (that's http://keepass.info/ ;)). I might see if I can run it on a central host and have everyone forward X11 sessions to use it. I'll take a look at the other two GUI clients you mentioned, too.

-------

If there are any other inspirations on this topic, please do share.
 
Funny, I actually wrote a password manager last weekend. Adding a web interface was is "the list" for this week/coming weekend.

I've used pwman for a very long time. Which works more or less (but not without issues).
 
killasmurf86 said:
security/keepassx is my favorite :D
Click to expand...

I'll take a look.

Carpetsmoker said:
Funny, I actually wrote a password manager last weekend. Adding a web interface was is "the list" for this week/coming weekend.
Click to expand...

Keep us posted if you put it in ports. :) My WAG is there will be an uptick in interest for this sort of thing as shops get more serious about adhering to certain infosec policies.
 
I would be very interested in some centralized thingy. Encrypted database of course but also so multiple people (each with their own key/password) can access it. Some sort of user management would be great (which user can access which password/key).
 
You must log in or register to reply here.
Back
Top