Oxidized stores network device credentials and full configuration backups.
¶ Credential and Secret Security
- Store device credentials in secure backend (not plaintext repo files).
- Use least-privilege read-only accounts on network devices where possible.
- Rotate device access credentials regularly.
- Restrict access to Git repository containing configs.
- Encrypt backups and replicate to secure storage.
- Monitor commits for unexpected mass config changes.