mvn --encrypt-master-password< password> :选择< password>的良好做法?应该是哪个级别的隐私? [英] mvn --encrypt-master-password <password> : Good practice for choosing <password>? Which level of privacy should it be?
问题描述
我正在学习使用 maven密码加密功能,我会想知道如何选择参数<password>.我不明白两件事:
I am learning to use maven password encryption capabilities and I would like to know how to choose the parameter <password>. There are two things that I don't understand:
由于encrypted master password始终是不同的,所以我只看到两种可能性:
Since the encrypted master password is always different, I see only two possibilities:
- 本地属性存储在某处,以便可以使用它解密
encrypted master password以获取master password.这意味着我们的encrypted server passwords仅可在本地使用. - 什么也没有存储,
master password没有用,也没有关系.
- A local property is stored somewhere so that it can be used to decrypt the
encrypted master passwordto get themaster password. That means that ourencrypted server passwordscan only be used locally. - Nothing is stored and the
master passwordis useless and doesn't matter at all.
所以,我的问题是:
什么存储在本地?我的
master password会保持安全吗?我没有想到的第三种可能性吗?
What is stored locally? Will my
master passwordremain safe? Is there a third possibility I didn't think of?
2)在Maven网站上这样写:
还请注意,拥有主密码和设置安全文件的人可以解密加密的密码.如果您预计可能会检索到settings.xml文件,请确保此文件的安全(或单独存储).
Also note that the encrypted passwords can be decrypted by someone that has the master password and settings security file. Keep this file secure (or stored separately) if you expect the possibility that the settings.xml file may be retrieved.
如果settings security file是要保护的东西,为什么我还要麻烦地选择一个较强的主密码?我不能只使用foobar并保持我的settings security file安全吗?
If the settings security file is the thing to protect, why should I bother choosing a strong master password? Can't I just use foobar and keep my settings security file safe?
此外,看起来具有两个文件(settings security file和settings file)的某人将不需要master password连接到Maven服务器.他可以在不知道密码的情况下使用我们的身份. master password是解密servers passwords所需的唯一"(获取纯文本).但是话又说回来,保护settings security file应该是可行的方法,而master password仍然没有用.
Also, it looks like someone with the two files (settings security file and settings file) would not need the master password to connect to the maven servers. He could use our identity without knowing the passwords. The master password is "only" needed to decrypt the servers passwords (to get them plain text). But then again, protecting the settings security file should be the way to go and the master password would remain useless.
我的问题:
master password有多重要?我要记住吗?我可以使用一个长随机词组并将其永久忘记吗?
How important is the
master password? Have I got to remember it? Can I use a long random phrase and forget it forever?
PS:此处.我找不到答案.
PS: I couldn't find my answer here.
推荐答案
第一个密码仅用于生成主密码,然后您可以将其忘记.它是使用加密机制和伪随机组件生成的.结果,不可能解密它.除了安全性设置文件中的主密码之外,本地没有其他存储,并且不会再提示或询问.
First password is used to generated the master password only, then you can forget it. It is generated using encryption mechanisms and pseudo-random component. As a consequence of that, it should not be possible to decipher it. There is nothing else stored locally than your master password in your security-settings file and it won't be ever prompted or asked again.
此主密码用于对设置文件中的密码进行加密和解密.它具有与用户输入的密码相同的值,但是几乎不可能推断出它.
This master password is used to cipher and decipher passwords in your settings file. It has the same value as an user-introduced password, but it is almost impossible to deduce it.
然后:
-
除了安全性设置文件中的主密码之外,本地没有其他存储,并且不会再被提示或再次询问.所有安全性都存在于安全性设置文件的安全性中.
There is nothing else stored locally than your master password in your security-settings file and it won't be ever prompted or asked again. All the safety resides in the safety of the security-settings file.
主密码不是很重要,您可以立即忘记.您可以使用任何您想要的东西.
The master password is not really important and you can forget immediately. You can use whatever you want.
我不喜欢这种方法来保护我的密码,我想拥有一个真正的密码加密机制,并且没有存储一个真正的主密码.带有密码策略的公私钥似乎更好.
I don't like this approach to protect my password and I would like having a real password cyphering mechanism with a real master password not stored. Public-private key with password strategies seems to be better.
这篇关于mvn --encrypt-master-password< password> :选择< password>的良好做法?应该是哪个级别的隐私?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
