Retrieving Secrets Securely

Thomas Gray recently posted about how he and his team¬†integrated with Vault for secret management¬†using Rancher as a source of truth for authentication and authorisation. This is a follow on post which discusses how my team and I approached a similar problem. What did we need to do? We were building authentication and authorisation services … Continue reading Retrieving Secrets Securely

Generating New Master Key Shares in Vault

Vault makes use of Shamir's secret sharing scheme to split a master key into n pieces, requiring at least k of them to be presented at 'unseal' time. At initialisation time, the user specifies what values n and k should take. Vault does not make it possible to change the number of shares after initialisation … Continue reading Generating New Master Key Shares in Vault