
We have a bunch of SSH, GPG, SSL and other private keys that, obviously:

  • must only be available to the smallest number of people possible
  • can't be "lost" if a hard drive dies or the building burns down (because a lot of data would otherwise be undecipherable)
  • must be recoverable even if the guy in charge is out sick or gets hit by the bus or holds out for a million-dollar raise

What are the best practices here? Do you store them on a bunch of flash USB sticks in a safe? Do you make copies? How many copies, and how do you make sure they stay in sync (keys expire, get replaced, new keys are added, etc.)? Do you encrypt them? (With what, and how do you bootstrap?)

I've failed to turn up any useful practical info, so I'm interested in all experiences, good, bad, etc. from which we could learn.

Also, is there any open-source software that helps with this?

Johannes Ernst

1 Answer

Here, for everyday work we have Kerberos authentication; it's very useful, for example, if you want to log in as root with a .k5login file in /root.

Of course, if a keytab or some other problem occurs, we have a GPG-encrypted file in an SVN repository. But if your root passwords are being changed automagically on a regular basis, a GPG file might not be enough.

I came across SFLVault the other day; I have not tested it yet, but it seems to be a rather powerful tool. It should be worth giving it a try.

Hope it helps :)

MunsterNet
  • But where do you put your root credentials e.g. the key with which the GPG file in the SVN repository is encrypted? – Johannes Ernst Aug 29 '11 at 14:56
  • The file is encrypted with each user's private key, so if a user loses their key another user can re-encrypt the file. Of course, it also means that if, for example, someone in the team leaves, you'll have to change all passwords... – MunsterNet Aug 30 '11 at 12:11
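The scheme the answer and its comments describe (one GPG-encrypted key store readable by every team member, re-encrypted by a remaining member when someone leaves or loses a key), as an added example that is not from the original post and has nothing to do with SFLVault. It assumes `gpg` 2.1 or later is on PATH; the members alice and bob, their keys and the secret are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: a key store encrypted to every team member's GPG key, kept in
# separate throwaway keyrings per member so "who can still decrypt" is visible.
set -eu

WORK="$(mktemp -d)"
cleanup() {
    for m in alice bob; do GNUPGHOME="$WORK/$m" gpgconf --kill gpg-agent 2>/dev/null || true; done
    rm -rf "$WORK"
}
trap cleanup EXIT

# new_member NAME: give NAME a private keyring with a constructed, passphrase-less
# test key, and export the public half for the other members to import.
new_member() {
    home="$WORK/$1"; mkdir -p -m 700 "$home"
    echo allow-loopback-pinentry > "$home/gpg-agent.conf"
    GNUPGHOME="$home" gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key "$1@example.invalid" default default never
    GNUPGHOME="$home" gpg --batch --quiet --armor --export "$1@example.invalid" > "$WORK/$1.pub"
}

# encrypt_to_team ACTOR OUT RECIPIENT...: ACTOR encrypts the store to every recipient,
# so any one of them can later decrypt it and re-encrypt to a new member list.
encrypt_to_team() {
    actor="$1"; out="$2"; shift 2
    args=""
    for r in "$@"; do
        GNUPGHOME="$WORK/$actor" gpg --batch --quiet --import "$WORK/$r.pub"
        args="$args -r $r@example.invalid"   # left unquoted below so it splits into -r options
    done
    GNUPGHOME="$WORK/$actor" gpg --batch --quiet --yes --trust-model always \
        -o "$out" -e $args "$WORK/secrets.txt"
}

# can_decrypt MEMBER FILE: prints yes if MEMBER's own keyring can open FILE, else no.
can_decrypt() {
    if GNUPGHOME="$WORK/$1" gpg --batch --quiet --pinentry-mode loopback -d "$2" >/dev/null 2>&1
    then echo yes; else echo no; fi
}

new_member alice
new_member bob
printf 'id_rsa_backup: CONSTRUCTED-SAMPLE-SECRET\n' > "$WORK/secrets.txt"

# Normal state: readable by every member, so one lost key does not lose the data.
encrypt_to_team alice "$WORK/store.v1.gpg" alice bob

# Bob leaves: Alice re-encrypts to the remaining members. As the comment notes,
# the secrets themselves must also be rotated, because Bob has already seen them.
encrypt_to_team alice "$WORK/store.v2.gpg" alice
```

Each store version is a plain OpenPGP file, so it can be committed to SVN as in the answer; the keyring of a member who was removed still opens the old revision, which is why rotating the contents matters.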