Possibly of interest to readers (but not directly competing) is securestore, our open-source, open-protocol, cross-language framework (cli tool + libraries) for securely storing secrets and programmatically retrieving them in production: https://neosmart.net/blog/securestore-open-secrets-format/
replydonet version: https://github.com/neosmart/SecureStore
rust version: https://github.com/neosmart/securestore-rs
(This one is production ready)
I thought SOPS with age is what we were doing now. Do we need yet another tooling?
replySOPS with Age is simple, and simple is good. I strongly recommend this approach.
replySOPS is simple? You are kidding me. Pass from https://www.passwordstore.org/ fame is simple. SOPS is ultra-complicated for a security tool.
replyI dunno, it seems mostly simple to me.
replyYou have a .sops.yaml with some Age public keys, and then you run “sops secrets.yml” to create an encrypted file.
Dangerously close to "scrot" which is both an X11 screenshot tool and general slang for a screenshot.
replyIve been working with Linux for 25ish years and have never heard of scrot. I think there's low probability of confusion lol.
replyLooks like every other CLI manager I've ever seen. It says not ready for production use. What's different for this than the others?
reply