Possibly of interest to readers (but not directly competing) is securestore, our open-source, open-protocol, cross-language framework (cli tool + libraries) for securely storing secrets and programmatically retrieving them in production: https://neosmart.net/blog/securestore-open-secrets-format/

donet version: https://github.com/neosmart/SecureStore

rust version: https://github.com/neosmart/securestore-rs

(This one is production ready)

I thought SOPS with age is what we were doing now. Do we need yet another tooling?

https://github.com/getsops/sops

• patabyte

  today at 6:55 PM

  SOPS with Age is simple, and simple is good. I strongly recommend this approach.

  • sam_lowry_

    today at 7:00 PM

    SOPS is simple? You are kidding me. Pass from https://www.passwordstore.org/ fame is simple. SOPS is ultra-complicated for a security tool.

    • sevg

      today at 7:05 PM

      I dunno, it seems mostly simple to me.

      You have a .sops.yaml with some Age public keys, and then you run “sops secrets.yml” to create an encrypted file.

Dangerously close to "scrot" which is both an X11 screenshot tool and general slang for a screenshot.

• voidfunc

  today at 6:40 PM

  Ive been working with Linux for 25ish years and have never heard of scrot. I think there's low probability of confusion lol.

Looks like every other CLI manager I've ever seen. It says not ready for production use. What's different for this than the others?