On Thu, Jul 14, 2011 at 09:05:50AM -0500, Ted Zlatanov wrote: > On Fri, 01 Jul 2011 12:04:02 -0500 Ted Zlatanov <tzz@xxxxxxxxxxxx> wrote: > > TZ> On Fri, 01 Jul 2011 15:59:09 +0200 Rémi Vanicat <vanicat@xxxxxxxxxx> wrote: > > RV> It would be interesting also to plug some sort of password-safe unto > RV> git, or some "git-agent". > > TZ> This would also be really nice. ~/.netrc is not a great place to put > TZ> passwords for the HTTP transport. In GNU Emacs we have ~/.authinfo.gpg > TZ> with the same content as ~/.netrc but encrypted by GPG and thus more > TZ> secure (the user is either prompted for the password, if the file is > TZ> encrypted symmetrically, or the user simply loads their private key into > TZ> the GPG agent). I believe all this can be done with the GPGME library. > TZ> There's also the Secrets API on newer Gnome and KDE installs, which has > TZ> a pretty nice D-Bus interface. > > TZ> But is this a libcurl feature request? Or can a Git plugin (an > TZ> alternate HTTPS transport maybe?) handle it? > > Ping? I'd like to work on this if it seems like a feasible feature. Check out: https://github.com/peff/git/commits/jk/http-auth which provides an interface for getting credentials from external helpers. I need to write docs for a few of the top commits before posting the patches to the list, but other than that, it should be fairly solid and usable. And I'd love to get feedback from somebody trying to write a new helper for it (i.e., to tell if the interface to the helpers is good enough). -Peff -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html