How can I save my secret keys and password securely in my version control system?

Question

I keep important settings like the hostnames and ports of development and production servers in my version control system. But I know that it\'s bad practice to kee

Answer 1

If you need VCS for your secrets you should at least keep them in a second repository seperated from you actual code. So you can give your team members access to the source code repository and they won't see your credentials. Furthermore host this repository somewhere else (eg. on your own server with an encrypted filesystem, not on github) and for checking it out to the production system you could use something like git-submodule.