Talesh Seeparsan May 16
🔒 interesting thread.....
Voodoo artisan May 16
Replying to @_Talesh
Isn't that what a public key is for...?
Talesh Seeparsan May 16
Replying to @andrewhowdencom
Hypothetically: a production API secret key is encrypted with your coworker's public key before you send it to them as standard practice?
Voodoo artisan May 16
Replying to @_Talesh
Nah I'm talking RSA public/private key pair for SSH. Keys are generated on the box, pubkeys (id_rsa.pub) sent over the wire to the service
Talesh Seeparsan May 16
Replying to @andrewhowdencom
How do you handle stuff like production API secret keys and DNS service passwords?
Voodoo artisan May 16
Replying to @_Talesh
Depends. For "better" services, IAM - each user/bot gets their own account. For services without that, shared pw safe or git-crypt + PGP.
Talesh Seeparsan May 16
Replying to @andrewhowdencom
Wow git-crypt + PGP is more advanced than most organizations I've encountered.
Voodoo artisan May 16
Replying to @_Talesh
It's so nice! Makes changes hard to review sometimes. It's a process we're looking to improve.
Peter Jaap Blaakmeer May 16
We’re using 1Password. What would you recommend Taleeshi?
Talesh Seeparsan May 16
Shared 1password account? I don't have a solid reco. Used to have shared truecrypt volume when I had a team but rethinking it now.
Aligent Consulting May 17
LastPass enterprise FTW
Talesh Seeparsan May 17
Oh yeah lastpass works on Linux so!
Talesh Seeparsan May 17
mentioned it but I don't think he uses it.
Voodoo artisan May 17
I played with it locally but it's more work than the bash pass library so I gave it away. It's an ambition!