存储自动使用凭据 [英] Storing credentials for automated use

问题描述

我已经环顾四周了，既然我没有安全或加密专家，我仍然对如何在我的程序中实现加密感到困惑。我需要一个服务器登录到它的gitHub帐户来更新具有特殊标题的代码文件。我现在唯一的挂断是如何存储/检索服务器的凭据。

  PushOptions push = new PushOptions 
 {
 Credentials = 
 new UsernamePasswordCredentials 
 {
 Password =password，
用户名=用户名
} 
}; 
  

如何加密这些凭据进行存储？我知道这是一个坏主意，将它们存储在代码中，就像示例一样，将它们存储在未加密的任何文件中也是一个坏主意。

另外，当我们在服务器上编译和设置程序时，需要发生唯一的用户交互。它是一个linux服务器上的cronjob，如果有所不同。另一个细节要注意，我使用libgit2sharp，但是以前使用bash脚本和ssh进行身份验证。

解决方案

我发现最好的解决办法就是将它们放在日志文件中，因为服务器已经被密码保护了，我可以这么做，所以只有一个用户（我猜根）可以读取它们，但很少有人将知道服务器存在，只有一个应该知道在哪里找到它们并拥有这样的凭据。

尽管缺乏安全性，但它实现了目的，而且还有足够的安全性。如果有人不知道得到凭据，它很容易重新设置几个密码，以便他们无法访问gitHub帐户。

I've already looked around, and since i'm no security or encryption expert, I am still confused on how to implement encryption in my program. I need a server to login to its gitHub account to update code files with special headers. The only hang-up I have right now is how to store/retrieve the server's credentials.

PushOptions push = new PushOptions
{
    Credentials =
    new UsernamePasswordCredentials
    {
        Password = "password",
        Username = "Username"
    }
};

How would I encrypt these credentials for storage? I know its a bad idea to store them in the code like the example is, and it would be a bad idea as well to store them in any file unencrypted.

Also, the only user interaction I want occurs when they compile and setup the program on the server. It's as a cronjob on a linux server, in-case that makes a difference. Another detail to note, I'm using libgit2sharp, but previously was using a bash script and ssh to authenticate for testing.

解决方案

The best solution I've found is simply putting them in the log file, since the server will already be password protected, and I could make it so only one user (and I guess root) would be able to read them, but few people would know the server exists, and only one should know where exactly to find them and have the credentials to do so.

Despite the lack of security, it accomplishes the purpose, and still has enough security. If someone unwanted gets the credentials, its easy enough to reset a couple of passwords so they lose access to the gitHub account.

这篇关于存储自动使用凭据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！