
I'm looking for a solution to:

  • Generate an encrypted UNIX password for a specific target using its UUID and a public GPG key
  • Retrieve a target's clear password from its UUID and the private GPG key

I have made a little schema of the two processes: [image]

Is there a way to do this?

Thanks, Emeric

EDIT1: I realize that my first explanation was not really clear... To clarify, I have a first solution that does what I want:

  • generate a password for a target with a hash mechanism using the target UUID + secret key during the target setup
  • allow retrieving a target password using the secret key and the target UUID

And my question, in fact, is whether a solution exists to achieve that with an asymmetric mechanism, to avoid providing the secret key to the production pole. I don't really believe it, but you never know...

  • Taking away your secret sauce: you want to use PGP encryption to store a clear text password by encrypting it with a public PGP key. Doing so allows you to decrypt the encrypted password again with the associated PGP private key. - That makes sense if you need to retrieve the clear text password. – HBruijn Aug 23 '22 at 13:56
  • Normally though the recommendation is that passwords should be hashed and not reversibly encrypted. - Tech support does password resets for users and does not hand them back their original clear text password when they have forgotten their password or locked themselves out. But if you're looking for a password manager rather than DIY consider using one of the "enterprise ready" password managers / password vaults to store passwords. – HBruijn Aug 23 '22 at 13:58
  • I realize that my first explanation was not really clear, and I had added an EDIT1 to clarify it... – Emeric Verschuur Aug 24 '22 at 06:48
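
The symmetric scheme described in EDIT1, as an added example that is not part of the original post: the password is recomputed from the secret key and the target UUID, which is why the setup side has to hold the same secret as the retrieval side. HMAC-SHA256, the base64url encoding, the function names and the sample key and UUID are assumptions; the post only says "a hash mechanism".

```python
import base64
import hashlib
import hmac
import uuid

# Constructed sample values for illustration only (not from the original post).
SECRET_KEY = b"constructed-demo-secret"
TARGET_UUID = "123e4567-e89b-12d3-a456-426614174000"


def canonical_uuid(value: str) -> bytes:
    """Parse any common UUID spelling into its 16 raw bytes.

    Setup and retrieval must feed identical bytes to the MAC, so upper-case,
    braces or a urn:uuid: prefix are normalised here; bad input raises ValueError.
    """
    return uuid.UUID(value.strip()).bytes


def derive_password(secret_key: bytes, target_uuid: str, length: int = 20) -> str:
    """Derive the target's password as HMAC-SHA256(secret_key, uuid).

    HMAC-SHA256 is an assumed choice; the post only says "a hash mechanism".
    The tag is base64url-encoded (6 bits per character) and truncated.
    """
    if len(secret_key) < 16:
        raise ValueError("secret key too short")
    if not 16 <= length <= 43:
        raise ValueError("length must be between 16 and 43 characters")
    tag = hmac.new(secret_key, canonical_uuid(target_uuid), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(tag).decode("ascii").rstrip("=")[:length]


def setup_target(secret_key: bytes, target_uuid: str) -> str:
    """Setup side: compute the password to install on the target."""
    return derive_password(secret_key, target_uuid)


def retrieve_password(secret_key: bytes, target_uuid: str) -> str:
    """Retrieval side: recompute the same password later; nothing is stored."""
    return derive_password(secret_key, target_uuid)


if __name__ == "__main__":
    installed = setup_target(SECRET_KEY, TARGET_UUID)
    recovered = retrieve_password(SECRET_KEY, "{123E4567-E89B-12D3-A456-426614174000}")
    print(installed == recovered)
```
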

0 Answers