![]() ![]() Store the public part of the user's key in the clear in the user's record The typical model is to use a couple of levels of crypto.įor each user, generate and store a public/private keypair In the following, "credential" can refer to ssh keys, passwords, or whatever needs storing. As always, get a proper security audit if it's important. This is what I've seen done and it makes sense, but I cannot claim it doesn't have security issues beyond what I outline below. Note that I am not a crypto systems or security expert. If I can't figure out how to implement from that level I can ask more questions. Here I am looking just for general outlines of a solution regarding key management of encrypted sensitive data. Is there a way to securely manage keys such that admins can set their own passwords? Maybe use public key encryption and encrypt a symmetric key with each admin's public key? What is the best way to plan for keys to be rotated? Should I just use a passphrase that every admin has? This raises some red flags in my mind. Synchronizing users and passwords in this regard poses similar problems, namely that if the network is down, how does the sudoer log in with the guaranteed most recent password? These would be unused except when the vm is inaccessible over the network. Access of course would be heavily restricted to a few admins. The reason is that local logins will sometimes be required to machines as much as they are discouraged and we need to be able to look up root passwords. I am looking at the possibility of having to store root passwords for virtual machines in reversibly encrypted format in a database. ![]()
0 Comments
Leave a Reply. |