in reply to
plaintext password in scripts run through cron
Just to supply a paranoid alternative...you could always write yourself a small daemon that kicks off the scripts for you instead of cron (and have it parse a cron-style file). When you start up your daemon, have it prompt for the necessary passwords, or set them as environment variables. That way you don't have to store the passwords at all, but you will have to make sure you remember to restart the daemon manually if the machine gets rebooted. Since you have so many systems, I assume you're already running some kind of monitoring software, so you could have it alert you if the daemon isn't running.