Not storing passwords in cleartext
Matthieu Moy
Matthieu.Moy at imag.fr
Sun Nov 20 10:51:47 GMT 2005
Robey Pointer <robey at lag.net> writes:
> I think it should track url type too.
Then, ~/.authinfo is not the answer. The advantage of it is that it is
user by other pieces of software (Gnus, mutt, slrn at least), so,
reusing it means 1) less to type if you use the same
machine/login/password and 2) only one chmod 600 not to forget.
> I'm likely to have a different password for my website and sftp,
> even though they use the same machine name.
By curiosity, would it be for the same username?
What I've implemented in Bazaar is: if you don't provide the username,
it is found from the machine name in ~/.authinfo. If there are several
lines with the same machine in ~/.authinfo, then you have to provide
the username in the URL, and it will fetch the corresponding password
in the ~/.authinfo file.
If we decide not to use the .authinfo syntax, then we probably also
want to keep the full URL, since you may have different WebDAV
passwords and/or login in different directories for the same host.
How about a .ini file like
[http://host.com]
login=<default login for host.com with http>
password=<defauld pass for host.com with http>
password=<password for user John> login=john
login=<login for http://host.com/webdav/jane directory> path=webdav/jane
password=<password for http://host.com/webdav/jane directory> path=webdav/jane
--
Matthieu
More information about the bazaar
mailing list