Don't recall if it was mention but we use a nice little app called MyPMS http://lvoware.com/. Put it on an internal system and then people have to access via a VPN connection to browse into it. That way if a person is no longer with the company, then their VPN has been turned off and they don't have access to it anymore. The reason I like the app is it's OS agnostic for the end user and keeps the data in an SQL DB.
On Thu, 2009-11-19 at 14:07 +0000, gordon b slater wrote: > On Wed, 2009-11-18 at 20:49 -0800, Darren Bolding wrote: > > Pwman > > ...which has the HUGE advantage of being CLI (so useable over SSH > sessions from network devices) and has tagging for searching large > databases of passes. pwman3 is current version. For most OSs. > I've even used it looped through a multitude of nested VTY+SSH+screen > sessions - one of which was a Dropbear sshd and client on a 20$ plastic > CPE - to save my sorry *ss > > For GUIs:- > Keepassx for most OSs, and Keepass2.x on MS Windows > Password Gorilla is a nice one for end-users, most OSs > > Bruce's Passwordsafe format is a somewhat de-facto standard for > import/export. Keepass can do a lot of conversion for you. > Some shops use rsync top distribute the masters and set them readonly at > filesystem - level though this tends to preclude regular rotation and > updating. > > Beware that some of the commercial offerings are trivially broken or > otherwise borked for "work" use. ymmv > > Whatever you use dump the file to a flat file (crypted of course) and > save a statically linked version of the app for those "wow - what > password app did we use way back in 2001?" moments. > > Print a copy every month or so and store securely offsite too - all the > usual caveats apply. Once you have a super-duper app for them you tend > to crank the pw complexity up to a level where no-one can remember > anything nor even recognise regular ones; it's mainly cut and paste, > especially if you use X. > > > Unless of course, the OP meant RADIUS pulling on LDAP, PAM, etc ? > > Gord > > -- > rommon 3 > You have reached the gateway of last resort. Abandon hope all > ye who press enter here > > >