I use etckeeper, but only keep the repository locally. I use it so I can keep track of what changes there are to /etc, to help with that time when something breaks.

I'm still a little disappointed it doesn't ignore /etc/shadow by default. I can't imagine a valid use case for keeping /etc/shadow in source control.

Clearly there are reasons to keep /etc/passwd in version control. Changes to /etc/passwd often need to be synchronized with changes to /etc/shadow.

For something like professionally administered servers accessible only via ssh asymmetric keys, /etc/shadow may not be considered so sensitive that it's worth the risk of having it be an exceptional cases in version control.

That's indeed a bad idea. etckeeper creates a local repository in a protected .git directory inside /etc, don't confuse git with github or other hosting services. I use etckeeper on various machines, just to track changes in configuration files (both those caused by people and package updates). On top of that I use a conventional encrypted backup solution. I never push or pull the git repo anywhere, and I think that's the normal way of working with etckeeper.