gpg

Linux: Using GPG encrypted credentials for enhanced security

If you currently store sensitive credentials in plaintext to automate scripting or integration to other systems, you should consider an extra layer of security by storing them encrypted using GPG. There is no fullproof way to hide sensitive information for a service that also needs to decrypt them as part of normal operations (think DVD Linux: Using GPG encrypted credentials for enhanced security

SaltStack: Keeping Salt Pillar data encrypted using GPG

When automating software and infrastructure, it is not uncommon to need to supply a user id and password for installation or other operations.  While it is certainly possible to pass these plaintext credentials directly in the state, this is not best practice. # not best practice!!! testdb_user: mysql_user.present: – name: frank – password: “test3rdb” – SaltStack: Keeping Salt Pillar data encrypted using GPG