Mailinglist Archive: opensuse-buildservice (124 mails)

< Previous Next >
[opensuse-buildservice] Best Practice for protecting osc user credentials?
Friends.

I was walking through the scenario of setting up an osc client for a first-time
user. It became clear to me that the use case for first-time osc setup may
need to be refined. For those who don't want their password stored in clear
text in .oscrc, there are several manual steps that must be taken, which makes
the process rather clumsy.

1- install osc.rpm
2- run any 'osc' command that accesses an OBS server
osc prompts user for username and password
osc creates fresh, default ~/.oscrc file, and stores the user's password in
plaintext
3- edit ~/.oscrc
3a - remove server section, including username and password keypairs
3b - set "use_keyring=1"
or
3a - remove password keypair, and replace it with keyring=1
3b - set "use_keyring=1"
4- re-run any 'osc' command that accesses an OBS server

Is there any other way to do this the first time, to originally tell osc to use
a keyring? That is, without having to pre-create a .oscrc file?

Is there any way to inform osc that you're already running in a keyring
environment? It seems that osc presumes that no keyring management is running,
which I suppose makes sense.

--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages