shamir
vault-plugin-secrets-github
shamir | vault-plugin-secrets-github | |
---|---|---|
2 | 3 | |
19 | 254 | |
- | - | |
0.0 | 6.1 | |
10 months ago | 5 days ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
shamir
-
Ssss: Shamir's Secret Sharing Scheme
A few months ago I built a CLI frontend for Hashicorps shamir secret sharing implementation in Go. You can find it here: https://github.com/dennis-tra/shamir
It combines the two separate commands in the article into one.
- Show HN: A CLI Frontend for HashiCorp Vault's Shamir's Secret Sharing
vault-plugin-secrets-github
-
GitHub: Packages support for fine-grained PATs
The gold standard is to have these tokens be emphermaland hove them issued my something like https://github.com/martinbaillie/vault-plugin-secrets-github. You should never rely on manually rotating tokens, it's 2024 and we have decades of production outages due to expired certs to prove that this stuff needs to be automated. Having mandatory expiration is a great way to incentivize users to do the right thing here.
-
Fine-grained personal access tokens for GitHub
There's a really nice HashiCorp Vault plugin to generate finely scoped JIT GitHub token: https://github.com/martinbaillie/vault-plugin-secrets-github
-
For those using argo with github, how do you handle your personal access token expiration?
Do you have HashiCorp Vault in your stack? I haven't used this particular one, but a Vault plugin such as this would be a viable way to manage token generation: https://github.com/martinbaillie/vault-plugin-secrets-github
What are some alternatives?
keyxn - Pure Nim implementation of Shamir's Secret Sharing (SSS) algorithm
libvault - A lightweight Vault client module written in Go, with no dependencies, that is intuitive and user-friendly
sss - Library for the Shamir secret sharing scheme
medusa - A cli tool for importing and exporting Hashicorp Vault secrets
blockchain-crypto-mpc - Protecting cryptographic signing keys and seed secrets with Multi-Party Computation.
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
python-slip39 - Generate Ethereum, Bitcoin, etc. account seed and backup Mnemonics in SLIP-39 format (Trezor & Ledger compatible), with details in printable PDF format. Optionally, also print encrypted JSON and BIP-38 paper wallets.
vault-secrets-operator - The Vault Secrets Operator (VSO) allows Pods to consume Vault secrets natively from Kubernetes Secrets.
go-shamir - A small CLI tool for Shamir's Secret Sharing written in Go, using Vault's Shamir implementation
multi-party-ecdsa - Rust implementation of {t,n}-threshold ECDSA (elliptic curve digital signature algorithm).
keyx - Elixir implementation of Shamir's Secret Sharing
kyber - Advanced crypto library for the Go language