

Best practices of providing passwords to cronjob? - dexen

A linux machine on my company's LAN is tasked with taking database snapshots daily, as tier-1 backup. Those are remote MySQL databases I don't have root access to. The machine has a cronjob running mysqldump, using password authentication to the mysql servers. Output goes into Git for efficient storage†.<p>What is a sensible way to store authentication credetials (the plaintext passwords) used by the cronjob scripts for database access?<p>† For reference, so far I have about 700 daily dumps, each daily dump amounts to some 100...350MB, git store size is about 125MB total after running git-gc. The dumps are about 5...50MB per database, as produced by mysqldump.
======
mooism2
Create a user to run this cronjob as. Store the credentials in a file owned by
and readable only by this user.

------
nodata
For this case use a /~.my.cnf file.

