From: Johannes Schindelin <Johannes.Schindelin@gmx.de>
To: git@vger.kernel.org
Subject: Re: Using gpg and gitattributes together
Date: Fri, 29 Feb 2008 14:59:43 +0000 (GMT) [thread overview]
Message-ID: <alpine.LSU.1.00.0802291455120.22527@racer.site> (raw)
In-Reply-To: <alpine.LSU.1.00.0802270008550.22527@racer.site>
Hi,
On Wed, 27 Feb 2008, Johannes Schindelin wrote:
> I just added my .netrc to a repository where I track some files that I
> would hate to lose. However, since I mirror that repository to a
> machine where other people than me have root access, I thought that I
> encrypt the file with gpg.
>
> To make this procedure more convenient for me, I decided not to encrypt
> with a private key, but with a passphrase, and to use gitattributes to
> do the encryption for me:
>
> $ echo 'netrc filter=gpg' > .gitattributes
> $ git config filter.gpg.clean 'gpg --cipher-algo AES256 -c'
> $ git config filter.gpg.smudge 'gpg --decrypt'
> $ git add netrc
>
> It asks quite a few times for the passphrase (as expected), but I had to
> add the file twice (not expected). However, since it worked now, I am
> happy.
>
> Maybe somebody else will find this information useful.
Unfortunately, this procedure has an issue I was not able to fix, and not
even Daniel's checkout patch could fix it.
When encrypting, gpg uses a random element (to make the encryption harder
to break, I guess). So when I update netrc with "git add" (and nothing
was changed), git will have a _different_ blob.
So I just tried "git checkout netrc", hoping that the index would be
updated to say that the netrc file is current, after writing it.
But that did not work, since git checkout insisted on readding the file
(which again resulted in a different blob, and therefore netrc seems to be
out-of-date at all times).
So scrap that method.
Ciao,
Dscho
next prev parent reply other threads:[~2008-02-29 15:00 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-27 0:13 Using gpg and gitattributes together Johannes Schindelin
2008-02-29 14:59 ` Johannes Schindelin [this message]
2008-02-29 20:02 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LSU.1.00.0802291455120.22527@racer.site \
--to=johannes.schindelin@gmx.de \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).