from Hacker News

Ask HN: How do you store production credentials?

by jnankin on 11/26/13, 8:19 PM with 2 comments

Particularly, if you have fabric scripts that are responsible for running deploys etc, how do you distribute, store, and secure the credentials required to back these scripts and allow them to access servers and run builds?

  • by embro on 11/26/13, 10:59 PM

    My solution is Keepass on a shared drive with very a strong password.

    For production stuff, I would suggest you use a key file on top of a password.

    Key file tips :

    1- Key file on Truecrypt encrypted USB key.

    2- Use plugin OtpKeyProv in in conjunction with RSA SecurID or other Random key generator.

    Also, automate backup of the password database everyday.