How to work with private keys securely in bash?

How to securely work with private keys in a bash script? My first attempt involves storing the encrypted key pair in a field in the database (mongo). However, I've since realised that I will have to use these keys in bash scripts, after being decrypted, in order to scp or ssh (the key has to be a file, so this will also increase IO).

This occurs inside an Alpine Linux container. Should I be concerned about using echo on a string containing a key?

I've also considered storing the keys in a container volume as files (id_rsa, id_rsa.pub) and referencing those paths in the database (or hardcoding a path). I am working with very many key pairs which go from DB to UI to API (3 separate containers) to BASH (in the API container) to create a connection and perform functions on each of these hosts. Which helps with the IO problem.

Is there a better way to do this? Should I be using some sort of keystore that I can store references for inside my DB?

In order of importance, Secure - Low IO - High Efficiency.
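
One way to handle the case the question describes (a decrypted key that must exist as a file for ssh or scp), shown as an added example that is not part of the original post. The key arrives on stdin, is written owner-only to RAM-backed storage when `/dev/shm` is available, and is deleted when the command finishes. The names `with_key_file`, `KEY_FILE` and the `decrypt_key` helper in the usage comment are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: keep a decrypted private key on disk only for the lifetime
# of one command. with_key_file and KEY_FILE are hypothetical names.

# with_key_file CMD [ARGS...]
#   stdin : the decrypted private key
#   CMD   : run with KEY_FILE exported, pointing at a 0600 temporary file
#   exit  : CMD's exit status; the file is removed in every case
with_key_file() {
    (
        umask 077                       # anything created here is owner-only
        dir=/dev/shm                    # tmpfs on most Linux systems: no disk IO
        if [ ! -d "$dir" ] || [ ! -w "$dir" ]; then
            dir=${TMPDIR:-/tmp}         # fallback; may be disk-backed
        fi
        KEY_FILE=$(mktemp "$dir/key.XXXXXX") || exit 1
        trap 'rm -f "$KEY_FILE"' EXIT   # runs whether CMD succeeds or fails
        # The key is copied from stdin, so it is never an argument to an
        # external program (arguments are visible in the process list).
        cat > "$KEY_FILE" || exit 1
        export KEY_FILE
        status=0
        "$@" || status=$?
        exit "$status"
    )
}

# Usage sketch (decrypt_key is a hypothetical helper that prints the key):
#   decrypt_key "$host_id" |
#       with_key_file sh -c 'ssh -i "$KEY_FILE" -o IdentitiesOnly=yes user@host uptime'
```
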



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow
