Hi the team! In order to share password and secret across the team (in a secure fashion way), we just setup a password-store using GIT and GPG and the tool pass¹. The repository (SF_password_store) is hosted as a private repo on our softwarefactory.
Don't hesitate to have a quick look of the readme file (for pass usage/install). For the moment, only Tristan and me are registered in this system (because I have not found your GPG keys on a public server, please don't hesitate to add your key or create a new one (RSA 4096 mini)). # Git repository git clone git+ssh://[email protected]:29418/SF_password_store # GPG key generation This tuto is a bit old (2004) but well written http://www.francoz.net/doc/gpg/gpg.html I recommend for the minimum a RSA 4096 key. For a English tutorial we have on the old wiki this one https://wiki.ring.enovance.com/index.php/GnuPG And for publishing, you can use the hks pool: gpg2 --keyserver pool.sks-keyservers.net --send-key <keyid> # Bonus If you use a command launcher (or directly inside your window manager), I've writed a little script to use with rofi² for password interaction (copy in the clipboard, and wipe the clipboard after 45sec). For example: cp SF_password_store/passmenu_sf ~/bin For awesome (in your rc.lua), because some good person use awesome :-p awful.key({ modkey }, "s", function () awful.util.spawn("passmenu_sf") end), Cheers, Seb ¹http://www.passwordstore.org/ ²https://davedavenport.github.io/rofi/
signature.asc
Description: PGP signature
_______________________________________________ Softwarefactory-dev mailing list [email protected] https://www.redhat.com/mailman/listinfo/softwarefactory-dev
