Mailinglist Archive: opensuse-buildservice (88 mails)

< Previous Next >
Re: [opensuse-buildservice] osc use_keyring without windowmanager
  • From: Hans-Peter Jansen <hpj@xxxxxxxxx>
  • Date: Sat, 01 Feb 2020 13:06:34 +0100
  • Message-id: <49398918.iVHv8ENmZk@xrated>
Am Donnerstag, 23. Januar 2020, 11:01:03 CET schrieb Marco Strigl:
On 1/22/20 8:53 PM, Hans-Peter Jansen wrote:
Am Dienstag, 21. Januar 2020, 11:18:32 CET schrieb Marco Strigl:

And there is:
https://build.opensuse.org/package/show/home:frispete:python/python-keyrin
gs.cryptfile

If you give it a try, please report back...

I just installed it and it works nice and without problems.

Thanks for the feedback, Marco, and sorry for the delay.

The only downside is that you have to enter the password for the keyring
(cryptfile) everytime. Or am I missing something?

No, that's correct. Of course, you can provide the key by other means, but
then, you fiddle with plaintext passwords again, hence it doesn't buy you
anything.

The aim of keyrings.cryptfile was to provide a secure portable storage of
secrets in the least complex fashion (for auditing purposes). It attempts to
narrow the attack vector to short code passages, but isn't secured against
runtime attacks well, yet.

If you have ideas, how to improve the keyring password handling for osc, let
me know.

Cheers,
Pete


--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >