Hello Philippe
My reply probably isn't very helpful, as I don't see how you could securely store a password AND make it retrievable. Not unless you decrypt them with a master password or something..
BTW, SSH keys wouldn't be of any help because there are too many persons who would have to integrate these keys on their machines.
Are you looking at this like you should? Users shouldn't have to integrate keys. You shouldn't have to create key pairs that go on the users' machines. The users should give you their public keys which you can put (1 time only) in for example a databag. A key is personal and comes from the user, not from the app.
Kind Regards,
Steven
Op 4-jan.-2013, om 10:57 heeft Philippe Bérard < > het volgende geschreven:
Hello everyone,
I would like to know if anyone has already managed to deploy multiple users/webapps on servers via CHEF and, therefore, how they've managed password generation and storage.
I've actually written a recipe which creates users and deploy a webapp for each of them, by reading a databag. I'm generating the password during user's creation and storing the password in the original databag. Of course, this method is completely insecure.
I've tried to use encrypted databags but this kind of databag can't be written by a recipe, only read. BTW, SSH keys wouldn't be of any help because there are too many persons who would have to integrate these keys on their machines.
Thanks in advance for any help.
Regards,
Philippe Bérard
Responsable informatique
Tel : +33 (0)1 39 23 31 17
Mob : +33 (0)6 01 27 87 86
Fax : +33 (0)1 39 55 47 56
58, Rue Pottier
78150 Le Chesnay
www.jalios.com
<image001.gif>
P Afin de contribuer au respect de l'environnement, merci de n'imprimer ce message qu'en cas de nécessité.
Archive powered by MHonArc 2.6.16.