How do you keep track of your servers? their credentials/ssh keys, opened ports, services, IP, domain etc?

Memory

Memory, JuiceSSH, laptop

@ScribeOfGoD @evalie I was using my memory to this day too and even a formula I got from http://ameir.net/blog/archives/... some time ago for the ports, that makes it slightly easier, but with now reaching 20 private servers, it's really confusing to me to keep up with it all.

I don't have to anymore, it's all connected to my Windows creds. Back in the day we used an encrypted excel sheet called "FootballScores".

SSH keys, credentials, passwords, passphrases - 1Password
Open ports - netstat -pnlt
IP - curl ifconfig.co
Domain - it's the way I connect to the servers
Services - service --list-all

@dimitarnestorov 1password? didnt it get hacked like 5 times by now? 😅

@JoshBent started using it a couple of months ago, so I hope I'm late to the party

@JoshBent @dimitarnestorov It's shown to be vulnerable and even capable of tracking it's users' site visitation through the addon yes. I don't trust closed source shit to handle my most sensitive data anyways but of course, use what you want :).

As for the rant, memory and partly I am just fucked sometimes 😅

KeePassXC

@balaianu why XC instead of X? where is the difference?

A custom password manager app for Android, and memory.

One can also hide a piece of paper under laptop keyboard. Better to encrypt the password by substitution cipher to make it easier for you to understand and to have it ignored by other lazy people in case they for some reason they disengage your keyboard?

I used to have Ansible playbooks to maintain config, services etc for each server. So anytime looking at a playbook would tell me config, ports, software installed and services running on any given server. These were version controlled on a private git repo. And then I would have ssh keys generated for each server and keep them in an encrypted folder on my laptop.

The workflow was whenever I had to do something on the server I would run playbooks using the appropriate ssh key. I would never ssh directly, except for troubleshooting, hot fixes etc. The next step was to put those keys on a PKI but never got time around to do that.

@JoshBent Well, because it is more activly developed at the momen. An is packed as AppImage, so I can run it from my USB stick :)