How do you guys keep track of all your VPS's login data? - Page 2

  • Zero Member
    edited October 2012

    Random chars password generated and saved with KeePassX.

  • rm_ IPv6 Advocate, Veteran

    @rds100 said: making sshd reload

    Not even reload, plain /etc/init.d/ssh restart never caused a problem for me, and the connected session does not break (not sure how, must be magic).

  • edited October 2012

    For hosts I log in very often I use public key authentication. I edited SolusVM Access Key script according to my needs and host it on my server along with my public key/md5, so it's super easy to install.

    For others, I either use 1Password, or Password phrases.

    I usually go with something like bacon[hostname]vanillaliverpool kind of password phrases :D

    Thanked by 1Chan
  • I prefer Keepass.

  • Notepad and stored in a TrueCrypt hidden volume which is unmounted anytime I leave my computer. Backed up on external which is also TrueCrypt encrypted :p

  • @Fusioned_George
    Not very useful against dictionary words based guesses though :D

  • @Chan said: Not very useful against dictionary words based guesses though :D

    Nah.. it will take ages to crack until they get the right order of the right words (plus there's the hostname). It's pretty safe ;)

  • I'm just using my Excel to save my billing info and my VPS details, with each VPS having its own password with 20 chars

  • Asad Member
    edited October 2012

    I have an access database which holds data on the providers, the server specs, and hostnames, ip addresses, what it's used for, etc.

    Although I do keep forgetting to update it, there's a few yearly boxes I've probably forgotten about until I get reinvoiced next year.

    For anything that isn't production use, I use the same ssh key to access the server.

  • GMail with 2FA. I understand that's not a good thing for production systems*.

    *Wait, what production system would I have?!

    Thanked by 1Asim
  • jh Member

    SecureCRT

  • joepie91 Member, Patron Provider

    Keypair authentication, with password auth via SSH turned off. Everywhere. No exceptions.

    For all my other passwords (billing panel, etc.), KeePass.

    Seriously, there is no valid reason not to use KeePass / KeePassX. If you're reusing passwords anywhere, install and use KeePass instead. You do not want to get burned by password reuse, trust me.

    Thanked by 4Amfy rm_ jcaleb mpkossen
  • I'm new to KeePass and password management. So if I install it on my desktop, what if my desktop gets corrupted or malfunctions one day?

  • joepie91 Member, Patron Provider

    @jcaleb said: I'm new to KeePass and password management. So if I install it on my desktop, what if my desktop gets corrupted or malfunctions one day?

    You can safely back up your KeePass database file remotely, assuming the password/keyfile you used for it is strong enough. All data is encrypted. The ideal solution imo would be a strong master password, and a backup of your KeePass database to a thumbdrive, as well as some VPS.

    This takes advantage of one of the main benefits of encryption: you don't have to trust your storage/network provider :)

    Thanked by 1jcaleb
  • wdq Member

    @jcaleb I personally put my password manager's data files into my Dropbox folder, which syncs and backs up the data with my other computers. That way if one of my computers has issues I'll still have my passwords.

  • ~/.ssh/config and email invoice reminders

    Thanked by 2NickM Asim
  • Before KeePass or password managers I used to do this:

    $ echo "mypassword+address.of.server.org" | shasum
    a784dab573dfa1efbfbeb0fdcfb8f8c7b1921cc5 -

    My secret password, plus the domain name or the server address. Works quite well, had it in a GPG encrypted text file...

    Thanked by 1Asim
  • @Raymii
    That's pretty much exactly what I do, I even wrapped it up in a little script for convenience. Seems to work alright and I don't have to worry about keeping any files secured.

  • Tattooed the credentials on my P*nis

  • hey @DotMG that doesn't leave a lot of room does it?

  • @24khost ATM it is sufficient for the number of VPS I do have. As I'll purchase more and more VPS (like @ErawanArifNugroho), I think I'll then consider these spams about pills, surgery, books, ...

    Thanked by 1ErawanArifNugroho
  • I use a certain web script for my SolusVM logons. The rest are stored in an encrypted container.

  • ryanarp Member, Patron Provider

    1Password usually works well for me

  • joepie91 Member, Patron Provider

    @Raymii said: Before KeePass or password managers I used to do this:

    $ echo "mypassword+address.of.server.org" | shasum

    a784dab573dfa1efbfbeb0fdcfb8f8c7b1921cc5 -

    My secret password, plus the domain name or the server address. Works quite well, had it in a GPG encrypted text file...

    @Garrett said: @Raymii

    That's pretty much exactly what I do, I even wrapped it up in a little script for convenience. Seems to work alright and I don't have to worry about keeping any files secured.

    That's actually not much better than just reusing a password. If someone were to bruteforce that hash, he would have your master password, meaning he has access to all sites you use anyway.

    Might as well just reuse one password everywhere then.

  • I pull a random subset of a string from the GRC password tool and store it in keepass (password and key) in a dropbox folder.

    https://www.grc.com/passwords.htm

  • joepie91 Member, Patron Provider

    @bdtech said: I pull a random subset of a string from the GRC password tool and store it in keepass (password and key) in a dropbox folder.

    https://www.grc.com/passwords.htm

    I'm not quite sure that using GRC is more secure than using the built-in password generator in KeePass. Using GRC, there is the possibility, however minimal, that they save the generated passwords. You have no way to check.

    Thanked by 1Asim
  • @joepie91 said: That's actually not much better than just reusing a password. If someone were to bruteforce that hash, he would have your master password, meaning he has access to all sites you use anyway.

    Might as well just reuse one password everywhere then.

    It's a little more secure than that:

    First off, I reencode the binary hash using base64, not only making it a stronger password but it also no longer looks like a hash.

    Secondly, I usually don't use the full hash, just the first sixteen digits.

    And finally, someone would have to be targeting me specifically to bother going to all that work cracking the hash and guessing the other services it's used on. At that point, there would probably be much easier ways to get into my (mostly worthless) stuff.

    The whole idea is just to avoid being an easy target if someone hacks a provider and dumps my login info onto the net.

  • joepie91 Member, Patron Provider

    @Garrett said: First off, I reencode the binary hash using base64, not only making it a stronger password

    No, it doesn't. Using a common key-less algorithm to encode your data will add practically zero security.

    @Garrett said: but it also no longer looks like a hash.

    Security through obscurity is not a valid form of security. Not to mention that base64 is incredibly easy to recognize.

    @Garrett said: And finally, someone would have to be targeting me specifically to bother going to all that work cracking the hash and guessing the other services it's used on.

    Or have a lot of computing power (say, someone with a Bitcoin mining grid) and just run through everything that looks like a hash. Incredibly easy to automate, and cracked in no time.

    @Garrett said: The whole idea is just to avoid being an easy target if someone hacks a provider and dumps my login info onto the net.

    Then use a proper method that isn't prone to the above vulnerabilities/weaknesses, like storing passwords in Keepass. It's not like it's really any more effort.
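
An added example, not code from any poster in the thread, showing why base64 re-encoding and truncation add nothing to the hash-derived password scheme discussed above. The sample master and host are constructed, the 16-character base64 variant is an assumed reading of the description, and the PBKDF2 function is a contrast case nobody in the thread proposed.

```python
import base64
import hashlib

# Constructed sample values, not taken from the thread.
SAMPLE_MASTER = "correct-horse-sample"
SAMPLE_HOST = "vps1.example.org"


def hex_scheme(master: str, host: str) -> str:
    """SHA-1 hex of 'master+host', as in the `echo ... | shasum` post.
    `echo` appends a newline, so it is part of the hashed input."""
    return hashlib.sha1(f"{master}+{host}\n".encode()).hexdigest()


def base64_scheme(master: str, host: str, length: int = 16) -> str:
    """Assumed reading of the variant: base64 of the raw digest, truncated."""
    digest = hashlib.sha1(f"{master}+{host}\n".encode()).digest()
    return base64.b64encode(digest).decode()[:length]


def decode_back(password: str) -> str:
    """base64 has no key: 16 characters decode straight back to 12 digest bytes."""
    return base64.b64decode(password).hex()


def stretched_scheme(master: str, host: str, iterations: int = 600_000) -> str:
    """Contrast case (not proposed in the thread): PBKDF2-HMAC-SHA256 with the
    host as salt, so every guess at the master costs `iterations` HMAC calls
    instead of one SHA-1. The master is still a single point of failure."""
    key = hashlib.pbkdf2_hmac("sha256", master.encode(), host.encode(),
                              iterations, dklen=12)
    return base64.b64encode(key).decode()


if __name__ == "__main__":
    full = hex_scheme(SAMPLE_MASTER, SAMPLE_HOST)
    short = base64_scheme(SAMPLE_MASTER, SAMPLE_HOST)
    print("hex scheme     :", full)
    print("base64 variant :", short)
    # The re-encoded password is just the first 24 hex digits of the same hash.
    print("decoded back   :", decode_back(short), full.startswith(decode_back(short)))
    print("stretched      :", stretched_scheme(SAMPLE_MASTER, SAMPLE_HOST))
```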

  • @joepie91
    It's very true, but my goal was simple and convenient security, not something up to NSA standards. And it's more convenient to me to use a 48-line shell script than a graphical program with all its dependencies.

    Plus storing a list of passwords on my system means that IF it were compromised, say, by a keylogger or rubber hose, not only would the attacker have all of my passwords, he would also have a list of all the services they are tied to.

    So depending on how you're being targeted, Keepass could be less secure than a simple hash generator.

  • joepie91 Member, Patron Provider

    @Garrett said: It's very true, but my goal was simple and convenient security, not something up to NSA standards.

    NSA standards would be quite a bit more extreme. This is just proper password security.

    @Garrett said: And it's more convenient to me to use a 48-line shell script than a graphical program with all its dependencies.

    http://sourceforge.net/projects/kpcli/

    @Garrett said: Plus storing a list of passwords on my system means that IF it were compromised, say, by a keylogger or rubber hose, not only would the attacker have all of my passwords, he would also have a list of all the services they are tied to.

    So depending on how you're being targeted, Keepass could be less secure than a simple hash generator.

    Not really. If someone were to keylog your machine, they could just as easily monitor the input you give to that shell script. It actually gives them more useful information - instead of just getting a list of services, they get a list of services you actively use.
