Saving ssh and other keys

Continuing the discussion from Contribute code to a text adventure using Inform 7:

I wanted to have a discussion about backing up credentials. How do y’all back up your credentials? :slight_smile:

I have an encrypted backup of my home directory somewhere not on my laptop, and that’s it. I know some of you sync your password vault to your mobile, something that could potentially be nice to have, but I’m nervous about that, and I wouldn’t mind figuring out why. :thinking:

ssh keys get stored in my encrypted keepassxc/keepassdx database. Per: Password management 2019 check-in - #2 by trashHeap

The encrypted database itself is mirrored to multiple machines for redundancy. (Previously via syncthing, now by NextCloud.) Nextcloud data and the various device filesystems are encrypted, for doubly encrypted safety. Nextcloud has versioning in place to protect against synchronizing some corruption to the database. Nextcloud is also periodically backed up by BorgBackup (again, encrypted).

Once a year (usually shortly after New Year’s) I make a plaintext backup of the database to a thumb drive and I store that in a safe, secure and fire-proof place.

1 Like

@trashHeap are you still using syncthing? We don’t keep a home WiFi network, and my clients can’t find each other on other networks, and I didn’t want to use announce servers… so I’m leaning more on Nextcloud these days.

Not since I completed: http://archive.v1.talkgroup.xyz/t/discover-yunohost/

I only talked about de-emphasizing syncthing for everything over there. But in practice I ended up swapping over to nextcloud for everything.

1 Like

How, exactly? Are you using a KeePassXC/ssh-agent integration? Also, how do you manage ssh keys between devices? I’ve started syncthing the password database and it works great, but I don’t even know what I ought to do with ssh-keys on different machines.

I’m seeing these two methods:

  1. one key per user per device
  2. one key per remote machine, synced between devices

Number 2 sounds great, but is different from what I’ve done, and I haven’t thought about it critically.

I literally copy and paste the SSH keys into KeepassXC without any native integration. Typically during OS reinstalls I back up the .ssh folder, so going back into KeepassXC for them is a kind of worst-case scenario sort of deal. My Keepassxc database is part of my encrypted borgbackup routine and is synchronized to multiple devices via syncthing too so it should be well backed up.

I typically only ssh from the laptop though, not counting my employer’s machines. So I don’t worry too much about cross-device synchronization.

My employer doesn’t worry about ssh keys too much and treats them as disposable, relying mostly on network access / VPNs and account credentials verified via ldap for ssh security. They don’t allow passwordless connections.

2 Likes

Do you sync your .ssh/config? I’ve been considering syncing the hosts info I connect to, but wasn’t sure how that works with different keys. Maybe an include ref to a stowable dotfile? :thinking:

1 Like

Hmmm, I think I only keep hosts info/aliases in .ssh/config, so stowing it will probably work.

1 Like

I don’t currently sync or back up the config file. That being said I tend to treat most config files as disposable except for a very select handful.

1 Like

What are your handful you keep? I realize for me it is only .taskrc and maybe .ssh/config. Not sure there is anything else I carry around… maybe a Firefox preference file?

What’s your list? :slight_smile: