by n0n 70 days ago
Genuine question: what's your threat model?

Vault gives time-limited tokens with a network boundary. Instead of Keeper, I would just use age:

    # write
    echo "my secret" | age -r <recipient-pubkey> > secret.age

    # read
    age -d -i key.txt secret.age

2 comments

https://git.eeqj.de/sneak/secret

This is an age+filesystem secrets manager that I made that is basically what you wrote, but with more organization.

Not when you need an audit system.

True, but AFAIK an audit system is worthless if it resides on the same potentially compromised machine, no?