Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

How do you manage your server access details? - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How do you manage your server access details?

2»

Comments

  • PremiumNPremiumN Member

    You cant trust it anywhere these days..so i refuse to put it anywhere online or on my pc

  • mickeyrmickeyr Member

    I just use SSH keys myself, but lastpass is a great service for securely storing credentials.

  • cassacassa Member

    SSH keys on my 2 redundant home servers, protected with a password in my head

  • GienGien Member

    Using keepass' synced in dropbox with keyfilein another well known storage provider ex ovh hubic and a long passwordd

    I use it to store my browsers logins too.. and it has an option to add files' so ssh keys are in the db.

    Backs are stored pgp'd and added to treucrypt volume for safety

  • jarjar Patron Provider, Top Host, Veteran
    edited May 2014

    My new response when asked how I store my passwords is "wouldn't you like to know." At this point I've managed to make myself a target for a few skids, and I've weaved such a stupidly complicated web around my access data, and that's really what you have to do now days. You can't be too careful, and you should use 2 factor authentication everywhere you can. No matter what, you always have a single point of failure. It's inevitable. Lock down that point of failure so hard it makes the NSA say "wtf man."

  • defiantdefiant Member

    I use lastpass which is pretty awesome if you ask me. Also you could use a text doc in your Google drive just in case.

  • hostnoobhostnoob Member

    @ironhide said:
    Don't login with your user/password in your server. Rather use ssh keys. Generate a ssh public/private key in your home maching (if not already created) and copy the public key in your server's ~/.ssh/authorized_keys file. For extra security you can use passphrase :)

    You can then disable password based login in your server.

    And then you can login anytime without being asked for user/password.

    and if you're not at home or your HDD fails?

  • cnbeiningcnbeining Member

    Chrome+Google Drive。。。

    Everyone should disable password with SSH. Don't make those hacker's life too easy...

  • deptadaptdeptadapt Member

    For most web sites I let Firefox remember the password and use a master password. The Firefox master password is kept in a keepassx database, along with all my other passwords.

    For the past year I've been using Ansible as a software configuration management tool for my VPSs. I've been developing playbooks for every service that I deploy. For my playbooks I've been using the password lookup plugin for passwords used on servers, stuff like database credentials and Tripwire passphrases etc.

    Basically when I execute the playbook it checks a specific path for a text file containing the password, and if it doesn't exist (deploying service for first time for example) then a random password is generated and stored in that file for next time. These password files get stored in a "passwords" directory with subdirectories organized by FQDN, all safely stored on multiple encrypted external drives that are only mounted for production deployments.

    Usually I don't rely on the password lookup plugin to generate a password, for production deployments I generate and store them in a separate keepassx database before putting them in the passwords directory as text files.

    I also disable SSH password authentication on everything

  • TarZZ92TarZZ92 Member

    Roboform :) + Excell

  • tommytommy Member

    TarZZ92 said: Excell

    Oh my

  • linuxthefishlinuxthefish Member

    Write the key down on pen and paper.

Sign In or Register to comment.