[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] passphrase management
|
From: |
Timothy Brownawell |
|
Subject: |
Re: [Monotone-devel] passphrase management |
|
Date: |
Sat, 28 Oct 2006 21:27:23 -0500 |
On Sun, 2006-10-29 at 12:52 +1100, Brian May wrote:
> >>>>> "Ulf" == Ulf Ochsenfahrt <address@hidden> writes:
>
> Ulf> The passphrase dialog on commit is my biggest problem right
> Ulf> now. If the passphrase is set in the default monotonerc, then
> Ulf> I'd rather just use that. If it's not set, I have to ask the
> Ulf> user. Jon's original code would always ask the user, my
> Ulf> current code never asks. Both approaches are clearly wrong.
>
> Why is
>
> encrypted(private key) + passphrase stored in ~/.monotone/monotonerc
>
> considered any better then
>
> private key with no passphrase
>
> ?
>
> It has always puzzled me about monotone the fact I can't create a
> private key without a passphrase (at least not last time I tried), but
> I can store the passphrase in clear text in a known and obvious
> location on my hard-disk.
Yeah, it is a bit odd. It *used* to be the case that all keys were
stored in the db, and back then it certainly did make sense; if you went
and gave someone else a copy of your db without cleaning it first,
they'd get a copy of any (encrypted) private keys you had. Now that we
have saner handling of privkey storage, this does make slightly less
sense...
--
Timothy
Free (experimental) public monotone hosting: http://mtn-host.prjek.net
Re: [Monotone-devel] Questions pertaining Eclipse Integration, Nathaniel Smith, 2006/10/28