[Monotone-devel] passphrase management

[Brian May]

>>>>> "Ulf" == Ulf Ochsenfahrt <address@hidden> writes:

    Ulf> The passphrase dialog on commit is my biggest problem right
    Ulf> now. If the passphrase is set in the default monotonerc, then
    Ulf> I'd rather just use that. If it's not set, I have to ask the
    Ulf> user. Jon's original code would always ask the user, my
    Ulf> current code never asks. Both approaches are clearly wrong.

Why is

encrypted(private key) + passphrase stored in ~/.monotone/monotonerc

considered any better then

private key with no passphrase

?

It has always puzzled me about monotone the fact I can't create a
private key without a passphrase (at least not last time I tried), but
I can store the passphrase in clear text in a known and obvious
location on my hard-disk.

I really think that not every private key needs to be encrypted, and
there are some applications where this is better (e.g. for server use;
ssh doesn't require a passphrase to access its private key stored in
/etc/ssh).

Sidenote: For the case where the user enters the passphrase in
manually via a prompt, does monotone use non-swappable memory to store
this passphrase?
-- 
Brian May <address@hidden>