Password Security and Distribution

Andy Davidson andy at nosignal.org
Thu Feb 9 12:59:10 UTC 2006


Hi,

Embarassingly late reply; I've been away.

On Tue, Jan 24, 2006 at 10:48:45AM -0500, Jeremy Stinson wrote:
 > We are in the need for a better mechanism for sharing passwords between our 
 > engineers. Most of these passwords are for our client's systems where some 
 > of them are controlling the password schemes (aka requiring shared user 
 > accounts). 
[...] 
 > In other companies we have used a PGP keyring to secure a text file that 
 > contained all of these passwords and then put them onto a shared customer 
 > portal. The problem with this strategy is what happens if you are not 
 > on your computer where PGP is installed?

Encrypted text files are a nice way to go until you grow to the size
when people need very different levels of access, and centrally storing
a number of these files isn't good enough.

http://devel.pluto.linux.it/projects/Gringotts/ is what we use.  If an
engineer is not at a desk where they have gringotts installed, use the
-d flag to use a console/interactive version of the software instead of
the usual GTK gubbins.

-a



More information about the NANOG mailing list