I want to keep sensitive information online on GitHub, but I am struggling with how to implement this.
Currently I have symmetric encryption with a very long key (4K characters), but someone told me it is not safe enough and that I should be using Travis' mechanism of asymmetric encryption.
Can someone please explain:
- Is it really less safe than Travis' method? The way I see it, both methods use a secret string to decrypt.
- I am currently using openssl for this procedure - is this the right tool for this task?
Adding more info to answer comments:
Travis' mechanism - described here: http://docs.travis-ci.com/user/encryption-keys/
Do other people need to access it? - Yes. The procedure to decrypt should be known in the company, and other employees should be able to decrypt it. However, people outside of the company should not be able to decrypt it.
What am I encrypting with it? - Hopefully all the sensitive information the company has that is required for testing or mocking the system. We have tests on many clouds (EC2, Azure, hpcloud and more), and I would like to keep their account credentials. I would like to keep SMTP credentials, and credentials to services our code uses, like mailchimp/mandrill.
I would also like to encrypt our SSL certificate for the domains that we own.
So basically, if someone ever decrypts this file, they can potentially damage the company in many ways.