[Nolug] Re: [SAGE] Multi-user password safe..

From: Dustin Puryear <dustin_at_puryear-it.com>
Date: Mon, 04 Feb 2008 10:35:31 -0600
Message-ID: <47A73ED3.7060305@puryear-it.com>

Oh, nifty!

--
Puryear Information Technology, LLC
Baton Rouge, LA * 225-706-8414
http://www.puryear-it.com
Author, "Best Practices for Managing Linux and UNIX Servers"
   http://www.puryear-it.com/pubs/linux-unix-best-practices
Identity Management, LDAP, and Linux Integration

Martin Jackson wrote:
> I'm currently looking at ManageEngine Password Manager Pro 
> http://manageengine.adventnet.com/products/passwordmanagerpro/index.html
> The "PGP Text file shuffle" is killing me so I'm buying a copy. It's 
> free to try for up to 5 admins and 10 resources I believe.
> 
> Cheers
> 
> -Martin
> 
> Dustin Puryear wrote:
>> I think I brought this up last year.. hopefully there is better news 
>> on this front. So, we face the same issue as every other sysadmin 
>> shop: How do you store passwords?
>>
>> We are looking for an open source, shareware, or commercial product 
>> which has these features:
>>
>> 1. Provides a "password safe".
>> 2. Provides strong encryption of the underlying database.
>> 3. Allows for at least a basic password policy.
>> 4. Is reasonably easy to use.
>> (so far most free products can do all this, such as PasswordSafe).
>> 5. Is multi-user in that more than one person can be in the database 
>> at once.
>> 6. Is reasonably priced for us. That means either free or up to 
>> several hundred dollars.
>>
>> Notice I don't require that every user have their own unique password 
>> to get in. At this point, I'm okay with allowing a select few to share a 
>> master password to get into the safe. Not a great solution, but it's 
>> better than the reality where everyone has their own password safe.
>>
>> What would be nice:
>>
>> 7. Each user has their own credentials.
>> 8. We could possibly tie the credentials into a directory, e.g., LDAP 
>> or AD.
>> 9. An Administrator has the ability to assign read/write rights to 
>> portions of the database.
>>
>> The solution can run on a Linux, UNIX, or Windows server.
>>
>> Thoughts?
>>
___________________
Nolug mailing list
nolug@nolug.org
Received on 02/04/08