[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-devel] Re: passphrase option
From: |
graydon hoare |
Subject: |
[Monotone-devel] Re: passphrase option |
Date: |
Thu, 12 Aug 2004 09:59:18 -0400 |
User-agent: |
Opera M2/7.53 (Linux, build 737) |
On Thu, 12 Aug 2004 10:37:26 +0200 (CEST), Richard Levitte - VMS Whacker
<address@hidden> wrote:
I think both are terrible ideas from a security point of view.
Looking at the bugs page, I found an entry about adding something
similar to ssh-agent, something I like a bit better. Could that be
something to look more closely at?
yes, I mostly agreee here. even the hook is a bad -- and I hope
temporary -- hack to accomodate the lack of an agent. hook files
can be read by idle sysadmins.
that said, I haven't written an agent. so I should put my money
where my mouth is. part of the reason for delaying is that people
have suggested we just reuse ssh-agent. literally just use its keys
and everything. that's not a bad idea (their keys are as good as
ours after all) but maybe not a *great* idea (it blends your login
role and your version control role..)
any thoughts?
-graydon