I have written a Linux daemon that will be (and must be) running as root. When it runs, there will not necessarily be anyone logged in, as it is started by cron. That daemon needs to store some URLs, UIDs and passwords as it connects to other servers (such as Dropbox, Google, Windows servers, etc.).
Q: What is the *best* place and method to store those passwords?
I can't store hashes as I need the original url/uid/pwd to connect to the remote services.
There are only two options that I can see:
a) gnome-keyring-daemon
As far as I can tell, this requires a logged-in user/session. I have experimented with starting it from my daemon (as root), collecting the returned environment variables and attempting to connect to it. So far this has failed.
b) a read-only file owned by root.
This could also be encrypted using (for example) the hostid, but the bottom line is that this approach relies on obscurity and root access.
Are there other options?
A read-only file owned by root is pretty much the recommended solution: important services such as OpenSSH use that option.
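A root-owned file only protects the credentials while its owner and mode stay as intended, so a daemon can verify both on every start and refuse to run otherwise, much as OpenSSH refuses a private key file that other users can read. The sketch below is an added example, not code from the question or the answer; the JSON layout, the `load_credentials` name and the sample values are assumptions.

```python
import json
import os
import stat
import tempfile


class InsecureCredentialFile(Exception):
    """Raised when the file's type, owner or mode is not acceptable."""


def load_credentials(path, expected_uid=0):
    """Return parsed credentials only if `path` is a regular file owned by
    `expected_uid` with no group/other permission bits set."""
    # O_NOFOLLOW: refuse a symlink at the final path component.
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_CLOEXEC)
    try:
        st = os.fstat(fd)  # inspect the opened file itself, not the path
        if not stat.S_ISREG(st.st_mode):
            raise InsecureCredentialFile(f"{path}: not a regular file")
        if st.st_uid != expected_uid:
            raise InsecureCredentialFile(f"{path}: owner uid {st.st_uid}, expected {expected_uid}")
        if st.st_mode & 0o077:
            raise InsecureCredentialFile(f"{path}: mode {stat.S_IMODE(st.st_mode):04o} allows group/other access")
        with os.fdopen(fd, "r", encoding="utf-8") as fh:
            fd = None  # fh now owns the descriptor
            return json.load(fh)
    finally:
        if fd is not None:
            os.close(fd)


def demo():
    """Constructed sample: a 0600 file loads, the same file at 0644 is rejected."""
    sample = {"dropbox": {"url": "https://example.invalid/api", "uid": "svc", "pwd": "placeholder"}}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "creds.json")
        # Create with 0600 from the start so the secret is never world-readable.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "w") as fh:
            json.dump(sample, fh)
        me = os.geteuid()  # the demo runs unprivileged; the daemon would use uid 0
        loaded = load_credentials(path, expected_uid=me)
        os.chmod(path, 0o644)
        try:
            load_credentials(path, expected_uid=me)
            rejected = False
        except InsecureCredentialFile:
            rejected = True
        return loaded == sample, rejected


if __name__ == "__main__":
    print(demo())
```

In the daemon itself the call would keep the default `expected_uid=0`, and the parent directory needs the same owner and mode discipline, since anyone who can write to the directory can replace the file.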