Displaying 1 to 7 from 7 results

Keywhiz - A system for distributing and managing secrets

  •    Java

Keywhiz is a system for managing and distributing secrets. Keywhiz servers in a cluster centrally store secrets encrypted in a database. Clients use mutually authenticated TLS (mTLS) to retrieve secrets they have access to. Authenticated users administer Keywhiz via CLI or web app UI. To enable workflows, Keywhiz has automation APIs over mTLS and support for simple secret generation plugins.

Vault - A tool for managing secrets

  •    Go

Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault handles leasing, key revocation, key rolling, and auditing. Vault presents a unified API to access multiple backends: HSMs, AWS IAM, SQL databases, raw key/value, and more.

SOPS: Secrets OPerationS

  •    Go

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault and PGP.

Confidant - Your Secret Keeper. Stores secrets in DynamoDB, encrypted at rest.

  •    Python

Confidant is a open source secret management service that provides user-friendly storage and access to secrets in a secure way, from the developers at Lyft. Confidant stores secrets in an append-only way in DynamoDB, generating a unique KMS data key for every revision of every secret, using Fernet symmetric authenticated cryptography.

ghost - A simple, server/less, single-api, multi-backend, ghostly secret-store/key-store for your passwords, ssh-keys and cloud credentials

  •    Python

ghost aims to provide a secret-store with a single, simple-to-use API supporting multiple storage backends without requiring a server to run. To that end, ghost supports file based backends like TinyDB and SQLite. Using other backends means, of course, that they need to be available to ghost, while ghost itself remains stateless.

gopass - Gopass: A simple password-store GUI

  •    Go

This is a very simple read-only UI for searching the passwords in your http://www.passwordstore.org/ password store. It is written in Go. Decryption is handled by GPGME, so hopefully whatever gpg agent you are running should just work.

ripasso - A simple password manager written in Rust

  •    Rust

The root crate ripasso is as a library for accessing and decrypting passwords stored in pass format (GPG-encrypted files), with a file-watcher event emitter. Multiple UI:s in different stages of develapment are available in subcrates.