User:Toshio/Shared-secrets

Elements

 * 1) central store
 * 2) command-line app
 * 3) passphrases are always encrypted before they reach the backend; the server only ever holds ciphertext
 * 4) public-key (GPG) encryption: each secret is encrypted to the keys of the users allowed to read it, so decryption needs the user's private key
 * 5) audit trail

Global options

 * -u/--username: FAS (Fedora Account System) username. Used for looking up GPG key IDs and expanding groups

List the available passphrases
$ shared-secrets list

root                  @sysadmin-main
sigul-bridge          @rel-eng
transifex-ssh-agent   @sysadmin-web,@sysadmin-main

This retrieves the list of services and the people and groups that should have access to them. No decryption is involved: the service names and their access lists are stored in the clear on the server, only the secrets themselves are encrypted.

options

 * --date: show the date of the last passphrase modification (note: a refresh counts as a modification)
 * --expandgroups: expand groups into the list of usernames. Will ask for the FAS password

Retrieve the secret
$ shared-secrets decrypt root
GPG Password (or agent):
iamnotapassword

This retrieves the encrypted passphrase from the server and decrypts it on the local machine with the user's GPG private key. The plaintext never leaves the client.


 * Should this store in a file instead of printing to stdout?

Update the secret
$ shared-secrets change-secret root
FAS passphrase:
New secret:
Repeat new secret:
Shared secret for root updated successfully


 * Retrieve the list of users who have access to root
 * Retrieve the GPG public keys for the users who have access to root
 * Verify each GPG public key matches the key fingerprint recorded for that user in FAS (a key fetched from a keyserver is not trusted on its own)
 * Encrypt the passphrase to all of those users' keys
 * Send the encrypted passphrase to the server
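The fingerprint check in the third step is the one that keeps a substituted key from ever receiving the secret. Below is an added example of that check, not code from the shared-secrets design or from Fedora Infrastructure: it recomputes the OpenPGP v4 fingerprint of each user's public-key packet (RFC 4880 section 12.2) and compares it with the fingerprint FAS has on record, failing closed if any recipient cannot be verified. The key packets, the FAS records and the keyserver lookup result are constructed toy data; the RSA moduli are far too small to be real keys, but the packet layout and the fingerprint computation are the real ones.

```python
"""Recipient verification for change-secret: each user's GPG public key is
checked against the key fingerprint recorded for that user in FAS before the
passphrase is encrypted to it.

Added example, not the shared-secrets tool's own code. All key material and
FAS/keyserver data below is constructed for the demo (toy key sizes)."""
import hashlib
import hmac
import struct


def _mpi(n: int) -> bytes:
    """Encode an integer as an OpenPGP multi-precision integer (RFC 4880 3.2)."""
    bits = n.bit_length()
    return struct.pack(">H", bits) + n.to_bytes((bits + 7) // 8, "big")


def rsa_pubkey_packet_body(n: int, e: int, created: int) -> bytes:
    """Body of a version 4 public-key packet for an RSA key (RFC 4880 5.5.2)."""
    return b"\x04" + struct.pack(">I", created) + b"\x01" + _mpi(n) + _mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 12.2: SHA-1 over 0x99, the two-byte body length, and the body.
    This is what `gpg --fingerprint` prints for a v4 key, without the spaces."""
    if body[:1] != b"\x04":
        raise ValueError("only version 4 key packets are supported")
    header = b"\x99" + struct.pack(">H", len(body))
    return hashlib.sha1(header + body).hexdigest().upper()


def normalize_fingerprint(fpr: str) -> str:
    """Accept a fingerprint typed with or without spaces, in any case."""
    return fpr.replace(" ", "").upper()


def verify_recipients(users, keys_by_user, fas_fingerprints):
    """Split `users` into verified recipients and rejected ones.

    Returns (ok, rejected): ok maps user -> fingerprint of the key to encrypt
    to; rejected maps user -> reason. A user with no key or no FAS fingerprint
    is rejected too: 'unknown' must never silently mean 'skip'."""
    ok, rejected = {}, {}
    for user in users:
        body = keys_by_user.get(user)
        expected = fas_fingerprints.get(user)
        if body is None:
            rejected[user] = "no public key available"
            continue
        if expected is None:
            rejected[user] = "no fingerprint recorded in FAS"
            continue
        actual = v4_fingerprint(body)
        if not hmac.compare_digest(actual, normalize_fingerprint(expected)):
            rejected[user] = f"key fingerprint {actual} does not match FAS"
            continue
        ok[user] = actual
    return ok, rejected


def encryption_recipients(users, keys_by_user, fas_fingerprints):
    """Fail closed: if any intended reader cannot be verified, encrypt to nobody.
    Encrypting to the verified subset would lock the others out and hide a
    key-substitution attempt behind a partial success."""
    ok, rejected = verify_recipients(users, keys_by_user, fas_fingerprints)
    if rejected:
        raise PermissionError("unverified recipients: " + ", ".join(
            f"{u} ({why})" for u, why in rejected.items()))
    return ok


# --- constructed demo data (toy key sizes, not real keys) -------------------
ALICE_KEY = rsa_pubkey_packet_body(n=0xB5E31A774C902D13, e=65537, created=1300000000)
BOB_KEY = rsa_pubkey_packet_body(n=0xD9A40F2C7B61E835, e=65537, created=1300000100)
ROGUE_KEY = rsa_pubkey_packet_body(n=0x7C119F8E2D44A0B7, e=65537, created=1300000200)

# What FAS has on record: each user registered the fingerprint of their own key.
FAS_FINGERPRINTS = {
    "alice": v4_fingerprint(ALICE_KEY),
    "bob": v4_fingerprint(BOB_KEY),
}

# What a keyserver lookup returned: bob's key has been replaced by an attacker's.
KEYSERVER = {"alice": ALICE_KEY, "bob": ROGUE_KEY}


if __name__ == "__main__":
    ok, rejected = verify_recipients(["alice", "bob", "carol"], KEYSERVER, FAS_FINGERPRINTS)
    print("verified:", ok)
    print("rejected:", rejected)
```

Run as a script it reports alice as verified and rejects bob (fingerprint mismatch) and carol (no key); `encryption_recipients` raises for that set, which is the behaviour change-secret should have before it encrypts anything. The real tool would hand the verified fingerprints to gpg as `--recipient` values; that step needs a gpg binary and is not shown here.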

Refresh the encryption on secrets
$ shared-secrets refresh [person|@group ...]
FAS passphrase:

Refreshed for: root, transifex-ssh-agent
Error: Could not refresh for: sigul-bridge


 * Retrieve the list of secrets
 * If refreshing for specific people, retrieve the group information for each group listed in the secrets' access lists
 * Check the given people and groups against each secret's access list
 * For each secret those people or groups have access to, re-encrypt it to the current members' keys. This is only possible for secrets you can decrypt yourself, i.e. where you are in one of the groups with access
 * Upload the re-encrypted secrets to the server
 * Report which secrets succeeded and which failed

The user then asks someone with access to the failed secrets to run the refresh for them.

Create a new secret
$ shared-secrets create-secret fedorahosted @sysadmin-main
FAS passphrase:
New secret:
Repeat new secret:


 * Retrieve the list of users for the listed groups
 * Encrypt the secret to the GPG keys of every user in those groups (same key fingerprint check as for change-secret)
 * Create the secret on the server

This will not overwrite an existing secret; use change-secret for that.

Update access to a secret
$ shared-secrets set-users fedorahosted @sysadmin-main @sysadmin-hosted
FAS passphrase:
GPG Password (or agent):

Changes the users and groups who have access to this secret and re-encrypts the secret to the new set of keys. Note that removing someone only stops them decrypting future versions; anyone who could already read the secret still knows it, so removing a user should normally be followed by change-secret.