问题
I've already looked around, and since i'm no security or encryption expert, I am still confused on how to implement encryption in my program. I need a server to login to its gitHub account to update code files with special headers. The only hang-up I have right now is how to store/retrieve the server's credentials.
PushOptions push = new PushOptions
{
Credentials =
new UsernamePasswordCredentials
{
Password = "password",
Username = "Username"
}
};
How would I encrypt these credentials for storage? I know its a bad idea to store them in the code like the example is, and it would be a bad idea as well to store them in any file unencrypted.
Also, the only user interaction I want occurs when they compile and setup the program on the server. It's as a cronjob on a linux server, in-case that makes a difference. Another detail to note, I'm using libgit2sharp, but previously was using a bash script and ssh to authenticate for testing.
回答1:
The best solution I've found is simply putting them in the log file, since the server will already be password protected, and I could make it so only one user (and I guess root) would be able to read them, but few people would know the server exists, and only one should know where exactly to find them and have the credentials to do so.
Despite the lack of security, it accomplishes the purpose, and still has enough security. If someone unwanted gets the credentials, its easy enough to reset a couple of passwords so they lose access to the gitHub account.
来源:https://stackoverflow.com/questions/24917593/storing-credentials-for-automated-use