This repository was archived by the owner on Nov 14, 2021. It is now read-only.
This repository was archived by the owner on Nov 14, 2021. It is now read-only.
[Question] Is this a valid and safe approach? #8
Description
Some programs accept credentials in environment Variables.
My approach is described below.
My question: Is this a valid and safe approach?
-
Create an encrypted string of the environment settings:
sshcrypt agent-encrypt <<HERE export USERNAME=username export PASSWORD=password HERE
-
Different approaches possible
a. Put it into a file mycredentials like this
$( sshcrypt agent-decrypt <<'EOF'
THE CRYPTED STRING HERE
EOF
)source that file when the credentials are required
source ~/mycredentials
programs requiring credentialsb. Put a credentials-variable into your shell-startup
MY_CREDENTIALS='THE CRYPTED STRING HERE'Decrypt when required:
$( sshcrypt agent-decrypt <<<$MY_CREDENTIALS )
programs requiring credentials