Store password in database

5

I have an application that needs to store passwords and get them again, ie is not just for login verification because the stored passwords will be used to provide access to another system (there is no access token for this system). A hash function is clearly inappropriate for this, and the database used (MongoDB) does not provide support for encrypting / decrypting documents in the database.

Is it a good alternative to use symmetric keys to do this encryption? In this case, I would only have available a single server and how could I safely store the key on that same server? Should I expose in the production environment the algorithm (source code) that performs this encryption / decryption or is it safer to just generate the "binary" and send the entries?

    
asked by anonymous 10.02.2017 / 07:31

1 answer

3

The normal in these cases is that the secret configuration is a token - which will be used as a symmetric password for the DB - that will be available in a file or in an environment variable on the server.

Of course, this token should never be part of a versioned file - at least not along with the source code.

If you look at all existing deploy automation systems - Chef, Salt, Puppet and even Docker - they all have a way of passing you via command line configurations that will be available on deployed systems but are not part of the repository - this information can be environment variables, or something else.

In your case, it looks like a small deploy, which will not be automated - the best thing to do is log into the server and generate the token manually in a file that will not be versioned - create a small script for it. Anyone who has access to your server will have access to this token - normal Unix file permissions can give some more protection if the server is shared - but practices are in favor of using VPS and assume that anyone who has access to the server can see these tokens (and you isolate the server with login only by restricted IP's, private key, etc.).

Above is what is cool to know and does not depend on the system being in Python or not. Now something specific about Python: a package I like to use that gives good flexibility to such configurations, allowing ease in the development and security environments in the deployed environment is the prettyconf (The author is Osvaldo Santana who was once president of the Pythonbrasil association). It is a simple package, but it allows your system at run time to try to retrieve a value from an environment variable - and if it is not available, takes by default a configuration file)

    
10.02.2017 / 17:26