Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Depend on the kind of keys or secrets in general, and the infrastructure you work with. As bare minimum KeePassX/KeePassXC works as personal keys vault (that have a master password), GoPass (+git) as team passwords repository that use GPG keys as encryption, and passphrase for SSH keys. And, of course, trying to be mindful in what I run in my local computer.
I use https://github.com/sorah/envchain. It stores your secrets in Keychain (macOS) or gnome-keyring.
We are using https://github.com/mozilla/sops
I use a teller to pass secrets to my apps/commands, secret values are stored in OSX keychain, .env file or AWS Vault. It depends on project / environment context.
I use a aws-vault to switch thought all profiles on all aws account. It support SSO with 2FA.
pass is a good tool for this workflow.