[Pharo-dev] Bloc: Safe to Store SSH Passphrase in Pharo?

Norbert Hartl norbert at hartl.name
Thu Aug 31 07:44:16 EDT 2017


> Am 31.08.2017 um 12:52 schrieb Peter Uhnák <i.uhnak at gmail.com>:
> 
> So you do not put passphrases on your ssh keys?
> 
> Not always.
>  
> Because you don't give the private key away why protect it? So imagine you have development process that includes a jenkins that needs to build the source and therefor needs access to the repository. What do you do?
> 
> I give it a password-less ssh key, encrypted in some manner. (I do not know what Jenkins offers, but both Travis and GitLab(Runner) support file/data encryption.)
> Adding the build server a password on top of the key would make no difference. If you have access to one, you have the access to the other.
> 
So deal with it outside of the image. It is the same situation as a sandbox and key chain access. Exactly what I was meaning.

Norbert


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pharo.org/pipermail/pharo-dev_lists.pharo.org/attachments/20170831/ed6fdbef/attachment.html>


More information about the Pharo-dev mailing list