OpenBAO: Manage, store, and distribute sensitive data
poly2it
22 points
6 comments
July 15, 2026
Related Discussions
Found 5 related stories in 822.8ms across 14,015 title embeddings via pgvector HNSW
- OpenRA tosh · 641 pts · June 27, 2026 · 55% similar
- Show HN: Baerly-storage, a document DB that runs per request, no DB server baerbaerbaer · 15 pts · July 07, 2026 · 48% similar
- Agent Skills – Open Security Database 4ppsec · 33 pts · March 16, 2026 · 48% similar
- Open Repair Data Standard – Open Repair Alliance cassepipe · 117 pts · June 02, 2026 · 47% similar
- Open Memory Protocol – One Memory Store for Claude, ChatGPT, Curso soji_mathew · 25 pts · June 30, 2026 · 47% similar
Discussion Highlights (3 comments)
aiman_alsari
Ever since the IBM acquisition of Hashi I've been using this a lot more with my clients to save cost
EnigmaCurry
Not directly related to openbao, but I've thought about this for awhile that I'd like to use ssh certificates instead of ssh keys to allow an agent a time limited SSH access to a server, and that seems to work for gating the initial connection, but I haven't yet figured out how to enforce the established connection dies after a certain time. I could maybe hand roll a solution with ExposeAuthInfo and ForceCommand wrapper, but it feels like this sort of thing should be handled delicately..
elevation
My dream configuration in the past was Vault, protected by step-ca's ACME implementation, with an IdP like KanIDM for SSO. But it seems like there is so much feature creep: OpenBao now has its own ACME server. And KanIDM is considering it... Why is every app vying to be my root of trust?