this question is not specially unix related, but I expect advanced and expert unix users to have a solution for this, and I've found no other subforum that fits
what do you use to store accounts, customer ids, ip addresses, users and specially passwords, to access them from everywhere
different accounts I've been given from customers as well as private ones
any safe tool for this? do you carry them around on a encrypted usb stick or use an web application an a root server?
I want to know how other admins/consultants/specialists handle this, because I need to find an easier way, my passwords are stored on many different locations
First off, what are you doing with this information? It seems odd, because the answer to "how to store passwords" is, usually, "don't". To make a login system, you don't store the passwords, you store hashes made from them instead, so anyone stealing them can't turn them back into passwords.
I'm not talking about any customer password I want to know in clear text, I changed the thread text to make that clear
I'm talking about different types of systems I need to authenticate on, ssh, telnet, sftp, rdp citrix, http proxy or even any web accounts for oracle, ibm, hp and so on
in different networks, different domain controllers, switches, firewalls
personalized or admin accounts
sometimes I just get them from customers and can't change them, some other accounts I create myself, but need to give them to others, so I should keep records
and I want a system to store all these passwords/accounts in a practicable but safe way, so I have access to them everywhere I am
easiest way would be an encrypted text file
but I'm interested in what other people are using for this purpose
When I worked as a consultant this kind of information was stored in a database (actually our ticketing system) and you were able to access it from outside only if you connected to the companies network via vpn.
This way regular backups are possible and everyone in the company who needed the information and had the right to see it was able to do so. Carrying around a physical device gives an attacker more possibilities to obtain or destroy your information.
I never worked as a freelancer who didn't have this kind of infrastructure, so not sure what I'd do in this case.
I would recommend keepass. It has many options which makes storing and using password quite convenient (like generate password, keep records for time sensitive passwords, auto-type for all possible input windows etc). As for your question about some sort of centralization there is option to sync local database through many channels (ssh,ftp, sftp, http etc). There is also android version (unofficial but still ...).
A nice tool is SafeWallet (SBSH). It's available for Windows, Mac and all relevant smartphone platforms. The encrypted password database may be synchronized over dropbox and there are plugins for Internet Explorer, Firefox, and Chrome to replace the built in password management. It's payware but the price seems to be reasonable.
