Am Donnerstag, 23. Januar 2020, 11:01:03 CET schrieb Marco Strigl:
On 1/22/20 8:53 PM, Hans-Peter Jansen wrote:
Am Dienstag, 21. Januar 2020, 11:18:32 CET schrieb Marco Strigl:
And there is: https://build.opensuse.org/package/show/home:frispete:python/python-keyrin gs.cryptfile
If you give it a try, please report back...
I just installed it and it works nice and without problems.
Thanks for the feedback, Marco, and sorry for the delay.
The only downside is that you have to enter the password for the keyring (cryptfile) everytime. Or am I missing something?
No, that's correct. Of course, you can provide the key by other means, but then, you fiddle with plaintext passwords again, hence it doesn't buy you anything. The aim of keyrings.cryptfile was to provide a secure portable storage of secrets in the least complex fashion (for auditing purposes). It attempts to narrow the attack vector to short code passages, but isn't secured against runtime attacks well, yet. If you have ideas, how to improve the keyring password handling for osc, let me know. Cheers, Pete -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org