Digitalcourage @digitalcourage

1 post1 participant0 posts today

**OpenSSF** @openssf@social.lfx.dev · 5d

Welcome to the OpenSSF family, OpenBao Project!

#OpenBao is a new sandbox project focused on secure secrets and encryption management—originally forked from Vault & now evolving to serve open source communities even better.

Read the blog: https://openssf.org/blog/2025/06/17/openbao-joins-the-openssf-to-advance-secure-secrets-management-in-open-source/

#OSS #OSSSecurity

**N-gated Hacker News** @ngate@mastodon.social · May 30

May 30

N-gated Hacker News @ngate@mastodon.social

Hold the presses! #OpenBao adds "Namespaces" to its secret manager, enabling isolated environments for your secrets. Finally, a solution to the problem of "Where did I put my secrets again?" Thanks, OpenBao, for making secret management feel like a game of hide-and-seek with a twist!
https://openbao.org/blog/namespaces-announcement/ #Namespaces #SecretManagement #IsolatedEnvironments #CyberSecurity #HackerNews #ngated

openbao.org · May 30Announcing OpenBao Namespaces | OpenBaoEnabling Multi-Tenancy within OpenBao

**Hacker News** @ycombinator@rss-mstdn.studiofreesia.com · May 30

May 30

Hacker News @ycombinator@rss-mstdn.studiofreesia.com

OpenBAO (Vault open-source fork) Namespaces
https://openbao.org/blog/namespaces-announcement/
#ycombinator #openbao #secrets_management #open_source #linux_foundation #encryption_as_aservice #key_management_system #pki #transit #ssh #secret_vault #database_passwords

openbao.org · May 30Announcing OpenBao Namespaces | OpenBaoEnabling Multi-Tenancy within OpenBao

**Johannes Kastl** @johanneskastl · Apr 24

Apr 24

Johannes Kastl @johanneskastl

....aaaaaand #OpenBao (the fork of #Hashicorp #Vault) is on its way to @opensuse #Tumbleweed in the latest version 2.2.1. Since 2.2.0 the webui is included in OpenBao, so this can be a full replacement for Vault!

Looking forward to doing more testing with it!

In case you want to try it out, here is a #vagrant #libvirt setup using #Ansible to prepare an OpenBao server VM and a client using a secret.
https://codeberg.org/johanneskastl/openbao_vagrant_libvirt_ansible

Codeberg.orgopenbao_vagrant_libvirt_ansibleVagrant-libvirt setup with an OpenBao Server and a client VM running the OpenBao Agent (and a PostgreSQL database)

#secretmanagement #kms #devops

**Johannes Kastl** @johanneskastl · Mar 6

Mar 6

Johannes Kastl @johanneskastl

Uuuuuuuh, #OpenBao (the open source fork of #Hashicorp #Vault) just released version 2.2.0 and now includes the UI, that was missing so far.

The package for @opensuse was adapted, tested and worked out fine. Will soon be available in #Tumbleweed!

If you want to test this out, feel free to use this vagrant-libvirt setup of mine:
https://codeberg.org/johanneskastl/openbao_vagrant_libvirt_ansible

Codeberg.orgopenbao_vagrant_libvirt_ansibleVagrant-libvirt setup with an OpenBao Server and a client VM running the OpenBao Agent (and a PostgreSQL database)

#openSUSE #secretsmanagement #opensource

**Debby** @debby@hear-me.social · Dec 24, 2024

Dec 24, 2024

Debby @debby@hear-me.social

I can’t believe how HashiCorp has fumbled the bag lately! It’s really disheartening to see a company that once had such promise in the open-source software space lose its way. It’s a reminder of how important it is to stay true to your values.
On a brighter note, I’m excited about the release of OpenBao! It’s an open-source fork of Hashi Vault, and it really has the potential to fill the gap left by HashiCorp. Check it out here: https://openbao.org/!
#OpenBao #open-source #Hashi #vault #FOSS

openbao.orgOpenBao | OpenBaoOpenBao is an open source, community-driven fork of HashiCorp Vault managed by the Linux Foundation to manage, store, and distribute sensitive data.

Replied in thread

**Brandon Mitchell** @bmitch@fosstodon.org · Nov 3, 2024 *

Nov 3, 2024 *

Brandon Mitchell @bmitch@fosstodon.org

@daniel1820815 #OpenBao is the open source fork of Vault if you go that direction. In general, I look at the potential threats first. Inside of the container, the secret will be available, and the host has access to the container.

The advantage of tools like Vault is central storage/access to those secrets, and the ability to continuously and automatically rotate those secrets. But the latter needs support from all parts of the application.

https://github.com/openbao/openbao

GitHubGitHub - openbao/openbao: OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. - openbao/openbao

**F. Maury ⏚** @x_cli@infosec.exchange · Oct 31, 2024 *

Oct 31, 2024 *

F. Maury ⏚ @x_cli@infosec.exchange

How do you handle your secrets? #IaC #devops #ansible #terraform #opentofu #vault #openbao #bitwarden #devsecops

27%I use a CaC feature (Ansible Vault, Databags, etc)
0%I store them in Terraform state in clear
1%I store them in OpenTofu encrypted state
69%I store them in a secret manager (Hashicorp Vault, OpenBao, Bitwarden Secret Manager, Conjur...)
23%I generate secrets locally
9%I use something else (please comment)

**Johannes Kastl** @johanneskastl · Jul 22, 2024

Jul 22, 2024

Johannes Kastl @johanneskastl

.....aaaaaaaand #OpenBao 2.0.0 has made it into #openSUSE #tumbleweed. Will be in one of the next snapshots!

**Johannes Kastl** @johanneskastl · Jul 18, 2024

Jul 18, 2024

Johannes Kastl @johanneskastl

#openbao 2.0.0 was released. The first release after forking from #hashicorp #vault.

The package for #openSUSE is on its way to the security devel project.

Testers are highly welcome!

Here is a vagrant libvirt setup to start playing with it:

https://github.com/johanneskastl/openbao_vagrant_libvirt_ansible

GitHubGitHub - johanneskastl/openbao_vagrant_libvirt_ansible: Vagrant-libvirt setup with an OpenBao Server and a client VM running the OpenBao Agent (and a PostgreSQL database)Vagrant-libvirt setup with an OpenBao Server and a client VM running the OpenBao Agent (and a PostgreSQL database) - johanneskastl/openbao_vagrant_libvirt_ansible

**Stefan** @stefan@social.stefanberger.net · Jun 25, 2024

Jun 25, 2024

Stefan @stefan@social.stefanberger.net

@release_candidate wasn’t there an #opensource fork… yes, #OpenBao

https://openbao.org

openbao.orgOpenBao | OpenBaoOpenBao is an open source, community-driven fork of HashiCorp Vault managed by the Linux Foundation to manage, store, and distribute sensitive data.

**Johannes Kastl** @johanneskastl · May 31, 2024

May 31, 2024

Johannes Kastl @johanneskastl

Anyone willing to try #OpenBao on #openSUSE? I have a package waiting for it to leave alpha and include a GUI. The rest is already working AFAICT...

**London Eastfield** @LawmanLungis@mastodon.social · Apr 25, 2024

Apr 25, 2024

London Eastfield @LawmanLungis@mastodon.social

Now that it's official that Hashicorp has been usurped by the Empire, we Jedi must seek alternatives. OpenBao looks promising. If anybody is using it, please share your experience(s).
#openbao #hashicorp
https://www.siliconrepublic.com/business/ibm-hashicorp-acquisition-hybrid-cloud-ai
https://openbao.org/

Silicon Republic · Apr 25, 2024IBM to expand cloud offering with $6.4bn HashiCorp dealIBM said the acquisition of software company HashiCorp continues its 'deep focus' on providing hybrid cloud and AI for its clients.

**Benjamin Carr, Ph.D.** @BenjaminHCCarr@hachyderm.io · Dec 23, 2023

Dec 23, 2023

Benjamin Carr, Ph.D. @BenjaminHCCarr@hachyderm.io

#Opensource forkers stick an #OpenBao in the oven
The rebellion against #HashiCorp for adopting a competition-limiting license for its #Terraform software expanded this week, with word that The Linux Foundation aims to help hatch an open source alternative to Vault, the company's secrets management project.
https://www.theregister.com/2023/12/08/hashicorp_openbao_fork/