topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Friday March 29, 2024, 2:07 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Wanted: SysAdmin-focused Account Information Keeper  (Read 13449 times)

tinjaw

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,927
    • View Profile
    • Donate to Member
Wanted: SysAdmin-focused Account Information Keeper
« on: October 11, 2009, 11:54 AM »
I have RoboForm for keeping my web-based login usernames and passwords organized. What I am looking for is something focused for system administrators.

I have things configured in various programs. For example, I have FileZilla configured with my account info. Same with PuTTY, X-Win32, Super Flexible File Synchronizer, and others. But every time I add a new software tool to my toolbox I need to create those accounts and I need a canonical source for my connection information. Or, even when using an existing tool, I need to add new sites/connections/accounts as I use them for the first time in that tool.

Right now I save them as Safenotes in RoboForm and maybe I just need to figure out a better way to organize the information.

What do you SysAdmin- SuperUser-types use?

Gothi[c]

  • DC Server Admin
  • Charter Honorary Member
  • Joined in 2006
  • ***
  • Posts: 873
    • View Profile
    • linkerror
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #1 on: October 11, 2009, 02:47 PM »
I have a custom command-line password management script I wrote, kind of like a password search engine.
It lets me define any number of fields of information (kind of like an LDAP directory), eg: server name, ip address, user name, password, email address, url, notes,.... Not every entry needs to have all fields (Which is the advantage of directory-style versus column style) -
Then on commandline i just type:
pass somename someserver
- and it will give me the entry where all keywords hit, in a nice layout for easy copy/paste.

pass -e

will let me edit the directory in vim.
Every time i run pass, it asks for the master password, everything is encrypted using bcrypt or mcrypt

I may actually switch to a real encrypted ldap directory some day or use a real password management program, but so far this works quite nicely.

Lots of people swear by KeePass and stuff.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #2 on: October 11, 2009, 05:36 PM »
Lots of people swear by KeePass and stuff.

I use KeyPass. I'd go nuts keeping track of all the logins I have if I didn't.
Decent built-in security features too. Especially nice is the way it maintains in-memory security so you don't need to worry about your passwords being cached by the OS.

Small, fast, and secure. What's not to like? 8)


techidave

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,044
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #3 on: October 11, 2009, 09:43 PM »
I use the Firefox password manager but maybe I should/need to consider KeePass or RoboForm but for what reasons??

tinjaw

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,927
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #4 on: October 12, 2009, 11:39 AM »
I may actually switch to a real encrypted ldap directory some day

That is what I was thinking about doing; creating a custom app built around an LDAP.

Innuendo

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,266
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #5 on: October 12, 2009, 12:12 PM »
I use the Firefox password manager but maybe I should/need to consider KeePass or RoboForm but for what reasons??

I think the focus of this thread is tinjaw is looking for a program to keep track of all his passwords across all his programs. Your solution is great while you are using Firefox, but how do you remember your passwords for things you don't use Firefox for?

I, fortunately, have a very good memory so I don't use any program to remember my passwords. Just my noggin, but a lot of people aren't blessed with good memories so my solution isn't optimal for some.

I guess one could always go with a password.txt file inside a TrueCrypt container. :)

Gothi[c]

  • DC Server Admin
  • Charter Honorary Member
  • Joined in 2006
  • ***
  • Posts: 873
    • View Profile
    • linkerror
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #6 on: October 12, 2009, 02:01 PM »
I, fortunately, have a very good memory so I don't use any program to remember my passwords. Just my noggin, but a lot of people aren't blessed with good memories so my solution isn't optimal for some.
As a sysadmin it's easy to have hundreds of very long very hard to remember passwords.... if your noggin can handle that, then wow... :)

Innuendo

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,266
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #7 on: October 12, 2009, 04:58 PM »
As a sysadmin it's easy to have hundreds of very long very hard to remember passwords.... if your noggin can handle that, then wow...

I've got a bunch of tricks and word association games I play in my head & it's a pretty secure system because the associations only make sense to me.

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #8 on: October 13, 2009, 02:42 PM »
The problem I find with KeePass is that the format is soooooo limited. If I set up a new server with PHP/MySQL, a few webapps and a few users, there's 10 or 15 passwords right there. Are you telling me I've then got to add 15 individual passwords to KeePass, one at a time? No thank you...

Right now I'm using WikidPad and keeping the wiki itself encrypted on my drive. It's a nasty hack, and I'd really like native encryption within the application, but beggars can't be choosers...

Ehtyar.

Innuendo

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,266
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #9 on: October 13, 2009, 05:45 PM »
Right now I'm using WikidPad and keeping the wiki itself encrypted on my drive. It's a nasty hack, and I'd really like native encryption within the application, but beggars can't be choosers...

You may consider it to be a nasty hack, but look at it this way. If you find another program you prefer you can still use your choice of encryption. Also, if you find another encryption algorithm you'd rather use you can still use it with the program of your choice. Modularity has it's benefits.

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #10 on: October 13, 2009, 05:57 PM »
I do understand what you're saying, but for sysadmin related stuff I'm only looking to prevent a random user getting a-hold of all our passwords, I've no expectation that the NSA would want to get into my Wiki. An optional password with something basic (AES, Twofish etc) would be plenty for me.

Ehtyar.

[edit]
It also means decrypting to a file instead of decrypting to memory. Nasty.
[/edit]
« Last Edit: October 13, 2009, 06:12 PM by Ehtyar »

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #11 on: October 14, 2009, 09:46 AM »
Right now I'm using WikidPad and keeping the wiki itself encrypted on my drive. It's a nasty hack, and I'd really like native encryption within the application, but beggars can't be choosers...

I can't believe f0dder hasn't chipped in here recommending you fSekrit

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #12 on: October 14, 2009, 05:20 PM »
A single plain text file is perhaps a little too free-form I think.

Ehtyar.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #13 on: October 14, 2009, 08:00 PM »
A single plain text file is perhaps a little too free-form I think.

Ehtyar.

Why not gin up a quick & dirty MS Access app then? That way you could use any form layout you wanted. Encrypt the file using AxCrypt if the built-in isn't strong enough for what you want.

Grab high-entropy passwords from here: https://www.grc.com/passwords.htm

or here: http://www.goodpassword.com/   - and paste them in as needed.


aimshk

  • Supporting Member
  • Joined in 2007
  • **
  • default avatar
  • Posts: 1
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #14 on: November 08, 2009, 06:56 AM »
Being a long-time lurker, sorry.

I use KeyNote from Tranglos for this task. One can have multiple files, each with multiple tabs, and within this, tree nodes. While it is free-form, that to me is a benefit as I record not just passwords, but other sysadmin items such as configuration data and notes. The files can be encrypted, and it has good search capability.

The author of KeyNote has stopped development, but you can get his latest version (1.6.9) at http://www.tranglos.com/free/keynote.html

Further development has been taken up at http://code.google.com/p/keynote-nf/ where it is now called KeyNote NF. The latest version is 1.7.8.1

Chris

rjbull

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 3,199
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #15 on: November 08, 2009, 09:55 AM »
I use KeyNote from Tranglos for this task.
In the same vein, the OP might consider Horst Schaeffer's MemPad.  It's portable, which can be an advantage.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #16 on: November 10, 2009, 06:20 AM »
Right now I'm using WikidPad and keeping the wiki itself encrypted on my drive. It's a nasty hack, and I'd really like native encryption within the application, but beggars can't be choosers...

I can't believe f0dder hasn't chipped in here recommending you fSekrit
+1 (Damn, you beat me to that :))

As a Network Admin portable security is definitely an issue, and f0dder's fSekrit (on a Thumb-Drive) works for me. It's a small, fast, simple, and elegant solution.

urlwolf

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,837
    • View Profile
    • Donate to Member
Re: Wanted: SysAdmin-focused Account Information Keeper
« Reply #17 on: February 08, 2010, 09:57 AM »
to those stranded users of keynote, keepnote is a great alternative, and crossplatform.