处理生产配置中的密码以进行自动化部署 [英] Handling passwords in production config for automated deployment
问题描述
我在这里看到了相关问题,但它们似乎没有完全回答我的需要.
I have seen related questions here, but they don't seem to be answering exactly what I need.
我们使用 Powershell 脚本来部署我们的应用程序,并且大多数环境(UAT 等)的配置文件中的密码等信息都是纯文本格式.这不是一个大问题,但是当涉及到 PREPROD 和 PROD 时,它是一个大问题.所以我们在配置中有一些标记,比如{{prompt-password}}",它会给出一个登录对话框(Get-Credential),并且进行部署的人可以输入凭据并且部署继续.
We use Powershell scripts to deploy our applications and the info like passwords in configuration files for most of the environments ( UATs etc. ) are in plain text. It is not a big issue, but when it comes to PREPROD and PROD, it is a big issue. So we had some markers in the config like "{{prompt-password}}" which will give a login dialog (Get-Credential) and the person doing the deployment can enter the credential and the deployment continues.
但这对自动化部署并没有真正的帮助(意味着通过 TeamCity 等工具一键部署)
But this doesn't really help for automated deployment ( meaning one-click deploy through tools like TeamCity )
我应该使用非对称加密吗 (http://msdn.microsoft.com/en-us/library/as0w18af.aspx ),其中密码使用公钥加密,在配置中输入,并存储私钥(如此处所述http://msdn.microsoft.com/en-us/library/tswxhw92.aspx ) 在代理(如在 TeamCity 将触发部署且访问受限的 VM 中)运行自动部署并且它可以解密密码?不是很擅长密码学和其他东西,但这听起来像是要走的路吗?还有其他建议吗?人们如何处理这种自动化部署?
Should I go for Asymmetric encryption ( http://msdn.microsoft.com/en-us/library/as0w18af.aspx ) where the password is encrypted using a public key, entered in the config, and private key is stored (as described here http://msdn.microsoft.com/en-us/library/tswxhw92.aspx ) in the "agent" ( as in a VM from where TeamCity will trigger the deployment and which has restricted access ) running the automated deployment and it can decrypt the password? Not really strong on Cryptography and stuff, but does this sound like the way to go? Any other suggestions? How do people handle such automated deployment?
更新:
好的,我已经开始实施了.我用 C# 编写了一个控制台应用程序,它使用了 Cryptography 库.该应用程序生成密钥:
Ok, I have gone ahead and implemented it. I have written a Console Application in C# which uses the Crypography libraries. The app generates the keys:
RSACryptoServiceProvider rsa = GetRsa(containerName);
File.WriteAllText("keys.kez",rsa.ToXmlString(true));
我也得到了公钥:
File.WriteAllText("public.pke", rsa.ToXmlString(false));
将公钥提供给必须加密密码的任何人,并要求他们在配置中输入密码.将 keys.kez 文件放在必须运行部署的任何代理中.
Give the public key to anyone who has to encrypt the password and ask them to enter the password in the config. Put the keys.kez file in any agent that has to run the deployment.
推荐答案
从安全性和简单性的角度来看,非对称加密绝对是这里的赢家.我已经以这种方式非常成功地部署了生产 SaaS 应用.
Asymmetric encryption is definitely the winner here from a security and simplicity standpoint. I have deployed production SaaS apps in this manner very successfully.
有一些技巧.一,正如您所提到的,确保公钥/私钥对安装在主机上,而不是存储在配置文件或代码中.二、假设 MS 提供的管理和密钥生成工具弱到可怕,并相应地进行计划(我们创建了一个简单的 keygen exe,供 Operations 在部署期间运行.)
There are a few tricks. One, as you mentioned, make sure the public/private key pair is installed on the host, not stored in config files or in the code. Two, assume the management and key generation tools provided by MS are weak to terrible and plan accordingly (we created a simple keygen exe for Operations to run during deploy.)
这篇关于处理生产配置中的密码以进行自动化部署的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
