Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Passcode option (command-line) #10

Open
chrisidefix opened this issue Apr 11, 2015 · 6 comments
Open

Passcode option (command-line) #10

chrisidefix opened this issue Apr 11, 2015 · 6 comments
Labels
feature request

Comments

@chrisidefix
Copy link
Contributor

It could be useful at times to allow the user to provide the passcode at the time of calling crypto. It is partially related to issue #8, but not really a solution to it. Right now I basically am imagining the same option that gpg provides on the command-line with --passphrase.

Of course the passphrase will be visible on the commandline (and in the commandline history), if you are using this option, but the same is true if you use it with gpg directly. There are many scenarios though, where I would like to be able to call crypto, but not have to wait for it to ask for a passphrase or I might want to call it multiple times from another script and not have to manually type in the passphrase.

I already have a rough implementation for this, if you like to have a look.
@chrisidefix chrisidefix mentioned this issue Apr 11, 2015
Open
@tbloo
Copy link

tbloo commented May 24, 2015

To solve the visibility on the command line, I regularly use for gpg --passphrase-file with a temporary file containing the passphrase.

@chrissimpkins
Copy link
Owner

Christoph submitted a PR addressing this issue. we are planning to pipe the passphrase through stdin using --passphrase-fd 0 . Discussing it over on Slack if you're interested in getting involved. be happy to send an invite.

@chrisidefix
Copy link
Contributor Author

Writing an actual file to disk with the plaintext pswd inside is probably more useful for long keys (such as your private ssh key). When it comes to crypto, maybe we should also have a --passphrase-fd option (since I only implemented the fix for gpg)?

@chrissimpkins
Copy link
Owner

think that this is widely used?

@chrisidefix
Copy link
Contributor Author

Not really :) I was thinking the whole --passphrase option may not be a good idea in the end and we could probably still PIPE the passphrase to crypto, if we wanted to script it. (One thing we might want to consider is disabling the passphrase authentication, which could be annoying at times)

@chrissimpkins
Copy link
Owner

Definitely agree about the passphrase option given this issue.  I like the authentication on the encryption end, agree that it is unnecessary on the decryption side.  Will create a new issue and remove it.  


Chris

On Thu, May 28, 2015 at 7:41 AM, chrisidefix notifications@github.com
wrote:

Not really :) I was thinking the whole --passphrase option may not be a good idea in the end and we could probably still PIPE the passphrase to crypto, if we wanted to script it. (One thing we might want to consider is disabling the passphrase authentication, which could be annoying at times)

Reply to this email directly or view it on GitHub:
#10 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chrisidefix @tbloo @chrissimpkins