Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Credentials management and deployment
Python
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
clearwater
docs
tools
.gitignore
README
README.rst
requirements.txt

README.rst

Clearwater

Clearwater is credentials management and deployment application. Think of it as a multi-user password managment application.

It's intended for situations where you need to securely store credentials which a number of people need access to a common set of credentials.

In addition, it is intended to do SSH public key deployment to servers.

Ideally, it will also have facilities for periodically programmatically updating credentials, though in the meantime, I see it only sending or displaying alerts.

For SSH key management, it will, most likely support two deployment methods. First will be that the application itself will periodically check and deploy new keys on the machines in its network. Second will be having a key management daemon running on each of the managed machines, which will wait on deployment requests from the central server and monitor any authorized_keys files to prevent their modification.

Users in the system are assigned to groups. Machines are in turn assigned to clusters. Users and groups can be assigned access to clusters and individual machines. Additionally, access to credentials can be assigned to individual users or whole groups. All credentials are kept in an encrypted backing store. For the application to be able to access the backing store, an administrative user will need to provide a private key to allow decryption of the data.

What's with the name?

The name is a silly joke. It may or may not change in the future if I think of something better, but it's fine for now.

Something went wrong with that request. Please try again.