We have been encrypting the key file with our SSH keys and share it along the database in a private GitHub repo. Additionally we have a single memorable password as preshared key. Works well for our small admin group.