The title basically says it all, what's a good practice for storing passwords that are needed by a cronjob?
For example if you want to run a cron periodically ssh'ing into another machine, you don't just put the user and password plain in the bash script, do you?
ssh is of course a bad example because you could use a keypair, but maybe you get where I'm trying to get at. Store the password in a file encrypted with openssl? But when you look at the script that encrypts the file, you clearly have all information to just decrypt it.
I have wondered this for quite a while now, and never could I come up with an answer, any ideas appreciated.