tags:

views:

189

answers:

2
+1  Q: 

How would you store encrypted information in public DVCS repository?

Hello Everyone,

I have projects that multiple developers are working on. We all work off the same git repository.

Currently, I do not store production server configuration in the repository, because the configuration files contain database credentials.

I would like to start storing these configurations in the repository, so I'm thinking about encrypting the configuration files before saving them in the DVCS.

  1. What do you guys think about this idea?
  2. How would go about doing this?
+4  A: 

Why do those secrets need to be stored in the public repository?

I would use a completely different mechanism for distributing those secrets, which is only accessible to those admins who need access to them.

ndim  2009-11-22 20:28:09
Like what?.....
tarasm  2009-11-22 20:31:19
Like a separate repo with just the secret config files with admin-only access to the whole repo. Or whatever else sysadmins use for that stuff. Puppet and its software configuration brethren come to mind. This is getting more in sysadmin territory than in programming territory, though.
ndim  2009-11-22 20:40:17
That could be a solution actually because then I could version control the settings, but they would be versioned separately from the source code, which is a problem.
tarasm  2009-11-22 20:47:02
Why is them being versioned separately a problem? Do your server passwords or certificates change suddenly when someone fixes a one-off bug in some array handling in the user interface?
ndim  2009-11-22 20:58:09
+1  A: 

We encrypt passwords in the configuration files, and the application uses a key entered interactively at runtime to decrypt them. Because of the configuration system we use, only the configuration parser needed modification; the application code itself required no changes.

The main drawback is that we use a public-key algorithm, so that anyone can encrypt a value for the configuration file, but only authorized users can decrypt them. This makes the encrypted values much larger (we use 2048-bit RSA key, and encode with Base-64) and kind of ugly in the configuration files.

We are always careful to encode metadata along with the encrypted value. This identifies the encryption key, the algorithms used, and the parameters needed for the algorithms. That way, we can gracefully change keys or algorithms, migrating over some period of time.

erickson  2009-11-22 22:23:11

related questions

How to have two remote orgins for Git?
Why is branching and merging easier in Mercurial than in Subversion?
Is there a better way of writing a git pre-commit hook to check any php file in a commit for parse errors ?
Bug tracker setup with Git integration?
Does git have anything like `svn propset svn:keywords` or pre-/post-commit hooks?
git-stash vs. git-branch
Git "bad sha1 file" error
Should I use GitHub+Fogbugz or Assembla?
How do you remove a specific revision in the git history?
How do you organise multiple git repositories?
What is the Difference Between Mercurial and Git?
How do I restore files to previous states in git?
Is there anything like TortoiseCVS and TortoiseSVN for git?
Good Git repository viewer for Mac
Deploying a Git subdirectory in Capistrano
How to "unversion" a file in either svn and/or git
How can I graph the Lines of Code history for git repo?
Switch branch names in git
Migrating to GIT
How can I set up an editor to work with Git on Windows?
How do you deal with configuration files in source control?
Undoing a git reset --hard HEAD~1
Version Control. Getting started...
Why is Git better than Subversion?
Distributed source control options