SecureStore
encpass.sh
| SecureStore | encpass.sh | |
|---|---|---|
| 5 | 3 | |
| 89 | 587 | |
| - | 0.2% | |
| 6.0 | 0.0 | |
| 2 months ago | over 1 year ago | |
| C# | Shell | |
| MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SecureStore
-
SecureStore VS dotenv-vault - a user suggested alternative
2 projects | 4 Nov 2023
-
appsettings.json secrets for local and for deployments
Have you looked into NeoSmart's SecureStore? It uses a versionable json file with encrypted strings as secrets, and can be unlocked via a password or a keyfile that you deploy to your application. I've used it before, and it's pretty easy to use and implement. https://github.com/neosmart/SecureStore
-
How do I put secrets in production build?
A similar but actually secure alternative to user secrets in-prod is using SecureStore: https://github.com/neosmart/SecureStore
-
.NET Framework 4.6.2 - Where to put environment variables
Have you looked into SecureStore (https://github.com/neosmart/SecureStore) for managing secrets? You can commit the json file to git, but you keep the key separate.
-
How do you store sensitive data in a production environment?
I tend to use secure store for this. https://github.com/neosmart/SecureStore. json file hold the encrypted stuff and I use a key file that goes out with deployment but never checked in. I can think of a thousand holes for all solutions. Most fall on how to you protect the key or the environment. At that point all is lost.
encpass.sh
-
Could someone review this PKGBUILD that I'm going to submit to the AUR?
https://github.com/plyint/encpass.sh/archive/v${pkgver}/${pkgname}-${pkgver}.tar.gz
-
How to Handle Secrets on the Command Line
The difficulties mentioned in the article with passing secrets on the command line is one of the reasons why we wrote encpass.sh (https://github.com/plyint/encpass.sh). We had a similar need for a lightweight solution for managing secrets for simple shell scripts on our local workstations and in restricted environments. Bonus, it can be easily customized with extension scripts to adapt functions for your own specific needs. See our keybase extension for an example -> https://github.com/plyint/encpass.sh/blob/master/extensions/...
-
Pass: The standard Unix password manager
We made an extension for encpass.sh that stores secrets in Keybase (https://github.com/plyint/encpass.sh/blob/master/extensions/...) if that sort of thing is of interest to you. Outside of personal secrets, it can be used as a sort of low cost stand in for shared secrets that you might use something like Vault for in a team environment.
What are some alternatives?
OkcAgent - A utility that makes OpenKeychain available in your Termux shell
OpenKeychain - OpenKeychain is an OpenPGP implementation for Android.
Electron.NET - :electron: Build cross platform desktop apps with ASP.NET Core (Razor Pages, MVC, Blazor).
wpa2-wordlists - A collection of wordlists dictionaries for password cracking
Licensing.ActivationKeys - This free, open-source .NET library allows you to license your non-free applications through activation keys.
dotfiles - Home directory with an absurd amount of tweaks
dotenv-vault - sync .env files—from the creator of `dotenv`.
transcrypt - transparently encrypt files within a git repository
SecurityDriven.Inferno - :white_check_mark: .NET crypto done right. Professionally audited.
pass-tomb - A pass extension that helps you keep the whole tree of passwords encrypted inside a Tomb.
infisical - ♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.
Android-Password-Store - Android application compatible with ZX2C4's Pass command line application