• iamjackflack@lemm.ee
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    2
    ·
    5 months ago

    Yes because having a user remember to do something is a great line of defense, better than encrypting it from the get go. It should just be encrypted in the file.

    • gsfraley@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      5 months ago

      I think that’s the way both Splunk and JFrog work – you generate or enter a password into the key field in a YAML file somewhere, start the service, and next time you come back the field’s been encrypted.

    • FlaxOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      The step tells you to remove it after at least