git-crypt
git-crypt copied to clipboard
Support encrypting with passphrase
git-crypt should support encrypting with a passphrase. It would work much like GPG mode. The internal symmetric key would be encrypted with a passphrase-derived key and stored in .git-crypt/keys
.
+1
+1
:+1:
The internal symmetric key would be encrypted with a passphrase-derived key and stored in .git-crypt/keys.
Or even derived from the passphrase: I'd use something like PBKDF2 or Scrypt. It shouldn't be too difficult to implement.
I'm very interested in being able to do this. Seems like it would be possible with very little change.
Right now I can symmetrically encrypt the default key, and replace my .git-crypt/keys/default/0/<id>.gpg
file, and it works fine, requiring the symmetric passphrase.
However, it relies on the filename based on the fingerprint of my private key. Seems like implementing the feature (aside from user interface additions) merely comes down to having git-crypt try a specific filename if private keys are found.