[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] --non-interactive: run in non-interactive

From: Thomas Keller
Subject: Re: [Monotone-devel] --non-interactive: run in non-interactive
Date: Fri, 01 Feb 2008 09:57:19 +0100
User-agent: Thunderbird (X11/20070801)

Hash: SHA1

Stephen Leake schrieb:
> Thomas Keller <address@hidden> writes:
>> So, while its perfectly possible to do some rcfile tickery like
>> William wrote in an earlier email, I think it would be better if we
>> would include some kind of native support for asking for a key
>> passphrase over stdio and/or even have some explicit
>> "need_key_password" (which returns a boolean) and "set_key_password"
>> (which could be used if a user has no get_passphrase / ssh-agent setup
>> whatsoever) automation commands. I know this probably might not be
>> very secure, but it would be damn convenient for automate developers
>> like me...

> I don't see what the security issue is. Unless the connection between
> the front-end and the back-end is over an unencrypted network?

Well, I thought more about the implementation in an automate client
which ideally should store the password somewhere securely to not have
to prompt the user over and over again. But then there surely might
exist a neat possibility to use native keychaining on some platforms
(kde wallet on Linux, keychain on osx, and maybe there is even something
available on Windows). And maybe the prompting is not that huge problem
if the stdio process in the background keeps running for all tasks.


- --
GPG-Key 0x160D1092 | address@hidden |
Please note that according to the EU law on data retention, information
on every electronic information exchange might be retained for a period
of six months or longer:

Version: GnuPG v2.0.4-svn0 (GNU/Linux)
Comment: Using GnuPG with SUSE -


reply via email to

[Prev in Thread] Current Thread [Next in Thread]