[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] proposal : ~/.authinfo

From: Matthieu Moy
Subject: Re: [Gnu-arch-users] proposal : ~/.authinfo
Date: Fri, 12 Mar 2004 17:23:50 +0100
User-agent: Gnus/5.1002 (Gnus v5.10.2) Emacs/21.2 (gnu/linux)

Tom Lord <address@hidden> writes:

>     > As the ML has problems, here it is again :
>     >
> I want to gently poke you in the direction of setting up a public
> archive from which I can merge.

Is it OK ? 

(Good, it forced me to read the branching section of the tutorial !)

> Looks like a problematic convention from the little bit of data I've
> inferred from you

Clearly it can be problematic,  because you may want to have different
username  and/or password for  different things  on the  same machine.
Nevertheless, it is sufficient in  many cases, and simple to implement
and to use, so, it seems to be a good thing. 

In  terms of  security,  it is  good  to keep  clear passwords  rather
centralized. If you use only ~/.authinfo, then, you just have to chmod
600 it, and  to remove it from CD backups of  your homedir, and you're
OK. If you have one file  for tla, another for mozilla, another for X,
Y, Z, ... it is more difficult.

In  the future,  adding  an arch-specific,  and better  authentication
scheme can be a good idea.

> It'd be schwell to have it also play with a key manager.
> I wonder (semi-idly) if qagent might not be a better approach here.
> It seems to me to have a good start of a quite general interface.

I don't know  qagent. Is it an equivalent of ssh-agent  ? If so, then,
this is  a good  solution, but requires  additional software,  so it's
good to keep the simple  solution (~/.authinfo or similar) in addition
to it. 


reply via email to

[Prev in Thread] Current Thread [Next in Thread]