You can encrypt data using GPG keys for multiple recipients - each recipient can access the data using his/her GPG key. GPG keys can also be used to authorize SSH access via Monkeysphere Project. - http://web.monkeysphere.info/.
2014-04-08 21:19 GMT+02:00 anatoly techtonik <[email protected]>: > On Tuesday, April 8, 2014 11:33:14 AM UTC+3, Dag Wieers wrote: >> >> On Mon, 7 Apr 2014, anatoly techtonik wrote: >> >> > Is it technically possible to encrypt some sensitive data using >> available >> > SSH public key, so that only the owner of private key could read them >> with >> > the help of SSH agent? >> > >> > Why? >> > 1. No need to remember one more password. >> > 2. No need to send the password to a person who needs to read the file. >> > 3. No need to run one more agent. >> >> That is an interesting idea :) It would mean as a team you would need to >> add a specific (team) key to your agent (and ensure this key is >> suficiently protected) in order to execute the playbook. >> >> So some way to test if the key is loaded before starting the playbook (or >> as part of the playbook) would be useful. >> > > The initial idea was to have the same data encrypted by multiple keys, so > that any from the team can open it, and you don't need to give everybody > some team key or team password - just add all public keys to the chain. > > Of course this is possible only when the basic problem of reusing SSH > agent for decryption can be solved. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/dc2ac9d7-c7dd-476c-a95e-7e8485f78b42%40googlegroups.com<https://groups.google.com/d/msgid/ansible-project/dc2ac9d7-c7dd-476c-a95e-7e8485f78b42%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEnKK1xb4T%3DkU7Z15CPLmFdtApL9zWZH4WYqYfTTW4NVc0i3yQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
