

Ask HN: How do you store production credentials? - jnankin

Particularly, if you have fabric scripts that are responsible for running deploys etc, how do you distribute, store, and secure the credentials required to back these scripts and allow them to access servers and run builds?
======
embro
My solution is Keepass on a shared drive with very a strong password.

For production stuff, I would suggest you use a key file on top of a password.

Key file tips :

1- Key file on Truecrypt encrypted USB key.

2- Use plugin OtpKeyProv in in conjunction with RSA SecurID or other Random
key generator.

Also, automate backup of the password database everyday.

~~~
embro
I think you can also use Yubikey :

[http://www.yubico.com/products/yubikey-
hardware/](http://www.yubico.com/products/yubikey-hardware/)

