Feature request: Supporting GPG encrypted netrc files #13104
escherstair
started this conversation in
Ideas
Replies: 1 comment 1 reply
-
Kerberos is one way around it, but it only works on sites supporting it. I
personally think the best way to accomplish secure secrets storage would be to
have curl access a secrets manager service over D-Bus, which doesn't currently
exist.
|
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I found that some years ago the same idea has already been posted.
I agree that probably this is a niche feature, because it applies to a specific usage scenario only.
But, as far as I understand, every time a Basic auth is needed, the credentials (useranme and password) must be stored as a plain text somewhere on the client side (either to pass them with
-u
, or base64-encoded in-H "Authentication: Basic ..."
, or in.netrc
).But in any case, whoever has access to the client PC can read the credentials as plain text.
Encrypting
.netrc
is an improvement on the security side.If there is another way to avoid storing the credentials as plain text, please point me to the relevent documentation.
Thanks
Beta Was this translation helpful? Give feedback.
All reactions