Comment on Secrets Management

• jbloggs777@discuss.tchncs.de ⁨3⁩ ⁨days⁩ ago

  Encryption will typically be CPU bound, while many servers will be I/O bound (eg. File hosting, rather than computing stuff). So it will probably be fine.

  Encryption can help with the case that someone gets physical access to the machine or hard disk. If they can login to the running system (or dump RAM, which is possible with VMs & containers), it won’t bring much value.

  You will of course need to login and mount the encrypted volume after a restart.

  At my work, we want to make sure that secrets are adequately protected at rest, and we follow good hygiene practices like regularly rotating credentials, time limited certificates, etc. We tend to trust AWS KMS to encrypt our data, except for a few special use cases.

  Do you have a particular risk that you are worried about?

  source

  • irmadlad@lemmy.world ⁨3⁩ ⁨days⁩ ago

    Do you have a particular risk that you are worried about?

    A couple of the Docker compose files I’ve used have non-hashed secrets in the compose itself. I am assuming, should someone penetrate the firewall, and gain access to Portainer somehow, they could see these compose entries just like I can. While I feel like I have adequately hardened the server (Lynis reports a score of 87) and I have rather robust ids/ips, firewall, and assorted accoutrements to support a secure server, there’s always that ‘what if’ scenario running in my brain and it causes doubt. Perhaps a secrets manager is over kill for a single user, docker container server.

    source

    • jbloggs777@discuss.tchncs.de ⁨2⁩ ⁨days⁩ ago

      Yeah, at that point I wouldn’t worry. If someone has docker access on the server, it’s pretty much game over.

      source