Credentials/keychain/keystore for server applications on FreeBSD?

Alejandro Imass aimass at yabarana.com
Wed Sep 5 00:52:01 UTC 2018


Hi,

Are there any tools that can store application credentials in encrypted
form and then provide them to applications in a secure manner at runtime ?

I’m looking for a generic tool that provides some sort of protocol with
timeouts etc.

For example, a server application needs user and password for database
access and can query this tool for them on startup exactly one time.

Maybe the tool could control the number of times it gives out the
credentials or timeout after a certain period (e.g. 2 minutes after reboot)
Then would require authentication to open up the vault again.

There must be a better way of managing all the disparate credentials that
several applications may need in a secure way instead of storing these
credentials in clear text in some config file which is what most people
do.. maybe something like the JKS but generic to any type of app with some
relatively secure protocol.

TIA for any pointers or ideas.

Alex


More information about the freebsd-questions mailing list