Monday, April 29, 2013

Passwords in Source Control

This weeks blog is from John Resig, creator of jQuery.  He writes about a tip from his friend on the problem of how to store encrypted files in source control.  Normally, he, and most people I'd say, would simply not store it at all.  Instead it would remain blank and if you needed it, would email the person and get it that way.

Here he proposes a new solution, store an encrypted file and provide a way to decrypt and encrypt it.  He uses OpenSSL, specifically CAST5 in order to perform this.  He wraps this all within a nice makefile and boom, he has an easy way to perform the (de)encryption.  For the exact specifics, check out the link.  The makefile itself is very short and the main work is done all within the single openssl call.

No comments: