What's better than storing a password in cleartext in a config file?

Having the config file specify a command that outputs the cleartext password (or other secret).


@liw what's better than that?

Having the password be passed to the command as a parameter so it will also appear in `ps`

@liw how much does secrets.example.com charge for password management?

hash("Not gonna write a git-annex special remote or anything")

@joeyh It's a free service to those who also specify all the places where the password applies, and send in a DNA sample, a complete medical history, and everything the US wants for VISA applications now. Plus their passport, ddriver's licence, and diver's licence.

For everyone else, a patch for #ick will do.

Sign in to participate in the conversation

Octodon is a nice general purpose instance. more