from Hacker News

Show HN: RemotePassword – No more hardcoding passwords in scripts

by howlett on 6/25/17, 8:53 PM with 0 comments

The idea behind this is pretty simple and it was developed to solve the following scenario:

* I have a RPi with an encrypted drive attached (which is mounted on boot) where all my backups are synced (and from there rsynced to a remote location).

* If both RPi & HDD are stolen then they will have access to the data as the password is hardcoded.

* To solve this, GPG encrypt the password and upload it. Use the script to pass it as a subcommand to the mount command. A simple example with mysqldump would be:

  mysqldump -ubackup -p$(rpass.sh "MySQL") > /tmp/backup.sql
* If the device is stolen, disable the GPG password on the website and your data is safe.

I have a few things on the roadmap but wanted to get a feel if this is something people would use before spending more time on it (it's currently only doing what I initially planned for it to do).

URL: https://www.remotepassword.com/