
From the server implementations that I have seen, people normally use a properties file with all the passwords (that may be encrypted with hardcoded key(s)).

I have, therefore, created a server that takes localhost inputs.

However, that is vulnerable to sniffers on the host machine.

Is there a better way?

user3635998
  • Depends on the threat model. Defending against root on the host machine, though, is a research project. – Jonah Benton Jul 21 '18 at 13:10
  • I think your question needs more context. What kind of servers are you talking about, what should the server do with "all the passwords", etc. It might be that you are talking about a TLS server which needs a password to load the private key of the certificate - but this is just one of several possible interpretations of your question. – Steffen Ullrich Jul 21 '18 at 13:54
  • @SteffenUllrich All the passwords, meaning all. TLS, DB. All. ALL. Everything. The answer sought is not "what keys", but how to send secrets to a server more securely than exposing a file (that must be written on the HDD), or through network connections, that can be sniffed on server startup. I do not believe "what keys" has anything to do with "my interpretation of my question". – user3635998 Jul 22 '18 at 01:46

0 Answers