[ANN] Encrypted Credential Store for Windows
Martin Pool
mbp at canonical.com
Mon Jan 31 07:41:03 UTC 2011
On 30 January 2011 01:00, vila <v.ladeuil+lp at free.fr> wrote:
> > <scheme> should be something like 'http' or 'ftp'. It won't work for ssh
> > or sftp since Bazaar requires the use of an ssh-agent for those schemes.
>
> We recommend using ssh agents because they are more suited for ssh
> connections because they are audited for security whereas
> authentication.conf and bzr hasn't been yet (and keeping small code
> bases for audit purposes is the Right Thing to do). Your plugin does
> exactly that.
If bzr can't get paramiko ssh passwords from a plugable credential
store, that's a bug. Assuming you are using passwords and using
paramiko inprocess in bzr, nothing is gained by not having the
password stored in cryptoapi.
Martin
More information about the bazaar
mailing list