envchain
encpass.sh
envchain | encpass.sh | |
---|---|---|
3 | 3 | |
1,139 | 587 | |
- | 0.2% | |
0.0 | 0.0 | |
almost 2 years ago | over 1 year ago | |
C | Shell | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
envchain
-
How do you protect your secret keys in your local computer?
I use https://github.com/sorah/envchain. It stores your secrets in Keychain (macOS) or gnome-keyring.
-
Secretlint 6: masking API tokens in .bash_history and .zsh_history
Credentials are often stored as raw text in .config/ or ~/.aws. These can be found in 1Password Shell Plugins, op run, zenv, envchain, etc. to avoid storing raw tokens in files.
-
How to Handle Secrets on the Command Line
You have envchain to store secrets as ENV variables in your keyring and execute commands:
https://github.com/sorah/envchain
Not really something you would use for production web apps, I think envconsul covers that usecase:
https://github.com/hashicorp/envconsul
encpass.sh
-
Could someone review this PKGBUILD that I'm going to submit to the AUR?
https://github.com/plyint/encpass.sh/archive/v${pkgver}/${pkgname}-${pkgver}.tar.gz
-
How to Handle Secrets on the Command Line
The difficulties mentioned in the article with passing secrets on the command line is one of the reasons why we wrote encpass.sh (https://github.com/plyint/encpass.sh). We had a similar need for a lightweight solution for managing secrets for simple shell scripts on our local workstations and in restricted environments. Bonus, it can be easily customized with extension scripts to adapt functions for your own specific needs. See our keybase extension for an example -> https://github.com/plyint/encpass.sh/blob/master/extensions/...
-
Pass: The standard Unix password manager
We made an extension for encpass.sh that stores secrets in Keybase (https://github.com/plyint/encpass.sh/blob/master/extensions/...) if that sort of thing is of interest to you. Outside of personal secrets, it can be used as a sort of low cost stand in for shared secrets that you might use something like Vault for in a team environment.
What are some alternatives?
Mosh - Mobile Shell
OpenKeychain - OpenKeychain is an OpenPGP implementation for Android.
gosec - Go security checker
wpa2-wordlists - A collection of wordlists dictionaries for password cracking
platform-compat - Roslyn analyzer that finds usages of APIs that will throw PlatformNotSupportedException on certain platforms.
dotfiles - Home directory with an absurd amount of tweaks
envconsul - Launch a subprocess with environment variables using data from @HashiCorp Consul and Vault.
transcrypt - transparently encrypt files within a git repository
pass-tomb - A pass extension that helps you keep the whole tree of passwords encrypted inside a Tomb.
secretlint - Pluggable linting tool to prevent committing credential.
Android-Password-Store - Android application compatible with ZX2C4's Pass command line application