We have implemented encryption for settings in some of our applications.
The day will come when we forgott the content of these settings. What is a good way to store them? They need to be accessed by certain members of our team.
There is one way I dont like: Our admins use a wiki for this. This wiki is acessible or not. There is no easy way to see what member of the team has information to what kind of logins.
I can think of 2 possibilities:
-
Encrypt them and save them in Subversion. Only members of the team that work on the project have the key to decrypt them.
-
Use an application that is tailored to solve this problem
What is a good way to savely store secrets and make them accessible to certain members?
EDIT 1
Here is an example of a problem we might run into:
We have a web application that runs on a webserver. The config has some security critical settings like payment providers. If the system crashes and we have to move the application to a new server we cant use the encrypted config. We have to have one in clear text and encrypt it on the new server.
Its not feasible to recreate the config. We realy have to store parts of it in clear text in a save place.
You could write a program that keeps a list of authorized users and only allows them to view certain encrypted files through the program. The authorized users could communicate to the program via a public-key digital signature – in this way the admin could know which users are still authorized, but they would still have to authenticate themselves to access secure data.
But with the example you provide in your edit, I’m a bit confused. That sounds like a slightly different case. You should never store secure data unencrypted, though – that defeats the purpose and security through obscurity is not an acceptable solution! Why not just store the key to decrypt the settings file, so that if it needs to move to other server, you can decrypt it and (if necessary) encrypt it with a new key?