How should I store, on a Linux server, the password used to connect to an external service from that server?

What I am doing now:
- Store the password encrypted (in a decryptable form) in the DB
- Keep the encryption/decryption key in a place that httpd cannot read
- Keep the login password used for the DB connection in a place that httpd cannot read as well
These are the measures I have been able to think of.

However, if someone logs in with root privileges and is skilled, everything will be exposed in a matter of hours (tens of minutes?).
How do other people store it?

  • Answer # 1

    Well, once someone gets in with root privileges, there is nothing more you can do.
    Even if you encrypt the password, anyone who reads the program will know how to decrypt it.
    Even with digital certificate authentication, the key will be taken along with everything else (like Coincheck).

    So there are various ideas along the lines of "don't let anyone log in as root".
    For example,

    Prohibit root remote login

    Going further, prohibit logins from anywhere other than the physical console (feasible if it is a virtual server)

    Appropriate firewall settings. Allow remote login only from limited devices

    Enforce expiration and complexity for the passwords of sudoers

    Send emails and alerts when someone logs in as root
    (this is intrusion detection rather than preventing the login)

    Record login history of all users and audit regularly

    There is no such thing as a perfect risk countermeasure, but you should consider the kinds of threats that can occur and their impact when they do, reach consensus with the person responsible, and implement measures at an appropriate cost.
    Avoid unrealistic measures that have little effect or are costly to operate.

    Also, I think it will be reasonably secure if you store the file containing the password in a location that is not accessible over the web and set its permissions so that only root and the execution user can read it.
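
The measures in Answer #1, turned into a small audit script as an added example (this is not code from the original post or from the asker's system). It checks that sshd prohibits root login, that the secrets file is outside the web root, is not owned by the httpd account and is readable only by its owner (plus root), and it pulls root sessions out of a syslog-style auth log so a cron job can mail them as an alert or keep them for auditing. The paths, the "www-data" account name and the log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not code from the original post: audit a Linux host against
# the measures listed in Answer #1. Paths, the httpd account name and the
# sample log lines below are assumptions for illustration.

# check_sshd_config FILE
# Returns 0 when FILE sets "PermitRootLogin no". As in sshd, the first
# non-comment occurrence of the directive wins, so a later "no" does not
# rescue an earlier "yes". No directive at all counts as failure: OpenSSH's
# default, prohibit-password, still lets root in with a key.
check_sshd_config() {
    value=$(sed 's/#.*//' "$1" |
        awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }')
    [ "$value" = "no" ]
}

# check_secret_file FILE DOCROOT WEBUSER
# Returns 0 when FILE is not under DOCROOT, is not owned by WEBUSER and has
# no read bit for group or others. Directory symlinks are resolved (pwd -P)
# and file symlinks are followed (ls -L), so a link placed in the web root
# that points at the real file is rejected as well.
check_secret_file() {
    docroot=$(cd "$2" && pwd -P) || return 1
    dir=$(cd "$(dirname "$1")" && pwd -P) || return 1
    file="$dir/$(basename "$1")"
    case "$file" in
        "$docroot"/*) echo "FAIL: $file is under web root $docroot" >&2; return 1 ;;
    esac
    line=$(ls -ldL "$file") || return 1
    owner=$(printf '%s\n' "$line" | awk '{ print $3 }')
    if [ "$owner" = "$3" ]; then
        echo "FAIL: $file is owned by the web server user $3" >&2
        return 1
    fi
    # characters 5-10 of the mode string are the group and other permission bits
    case "$(printf '%s\n' "$line" | cut -c5-10)" in
        *r*) echo "FAIL: $file is readable by group or others" >&2; return 1 ;;
    esac
}

# report_root_logins LOGFILE
# Prints every PAM "session opened for user root" line from a syslog-style
# auth log (direct root logins over ssh or the console, and sudo escalations
# to root) and returns 1 when any were found, so a cron job can mail the
# output and treat a non-zero status as an alert.
report_root_logins() {
    awk '/session opened for user root/ { print; found = 1 }
         END { exit found + 0 }' "$1"
}

# Constructed sample auth log for the demo; not real captured data.
sample_auth_log() {
    cat <<'EOF'
Mar  3 10:15:02 web01 sshd[2142]: Accepted publickey for root from 203.0.113.5 port 51234 ssh2
Mar  3 10:15:02 web01 sshd[2142]: pam_unix(sshd:session): session opened for user root by (uid=0)
Mar  3 10:20:41 web01 sshd[2201]: Accepted password for deploy from 203.0.113.9 port 51240 ssh2
Mar  3 10:20:41 web01 sshd[2201]: pam_unix(sshd:session): session opened for user deploy by (uid=0)
Mar  3 10:31:07 web01 sudo:   deploy : TTY=pts/0 ; PWD=/home/deploy ; USER=root ; COMMAND=/bin/systemctl restart httpd
Mar  3 10:31:07 web01 sudo: pam_unix(sudo:session): session opened for user root by deploy(uid=0)
EOF
}

# demo: exercise the three checks against constructed inputs in a temp dir.
demo() {
    tmp=$(mktemp -d)
    printf '#PermitRootLogin yes\nPermitRootLogin no\n' > "$tmp/sshd_config"
    mkdir -p "$tmp/www"
    printf 'DB_PASSWORD=example\n' > "$tmp/secret.env"
    chmod 600 "$tmp/secret.env"
    sample_auth_log > "$tmp/auth.log"
    check_sshd_config "$tmp/sshd_config" && echo "sshd_config: root login prohibited"
    check_secret_file "$tmp/secret.env" "$tmp/www" www-data && echo "secret.env: permissions OK"
    report_root_logins "$tmp/auth.log" || echo "ALERT: root sessions listed above"
    rm -rf "$tmp"
}

# Run "sh audit.sh demo" to see the checks against the constructed inputs.
if [ "${1-}" = "demo" ]; then demo; fi
```

Run it as a pre-deployment check or from cron; the sudo line in the sample shows why matching on the PAM session message rather than only on sshd "Accepted ... for root" is the better signal, since an escalation to root through sudo never produces an sshd login line.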