Hello,
I was reading the FreedomBox manual about Gitweb and saw that it suggests putting your username and password in the remote URL, which then gets saved in plain text in each repository’s .git/config. I’m not an expert, but I was wondering if there’s a better way to handle this.
Would it make sense to use the ~/.netrc file for storing Gitweb credentials instead? I found that this is a common method for network authentication on UNIX systems, and it’s described in the GNU Inetutils manual (see: GNU Inetutils manual: The .netrc file). Using .netrc could make things easier, especially when collaborating, since you only need to set your credentials once and not in every repo.
A typical entry looks like this:
machine my.freedombox.rocks
login myusername
password mypassword
You can also set the file permissions to keep it private (e.g., chmod 600 ~/.netrc).
Is there a reason why ~/.netrc isn’t recommended in the manual? Are there any downsides to using it with FreedomBox?
Thanks for any advice!
Nice question, @fefekrzr. Git provides various ways to configure credential helpers, but netrc files are not mentioned. However, it may be possible to hook them up with a custom script.
There’s an example in the upstream documentation:
Cheers & HTH,
Axel
My main goal was to avoid a global git config since I use multiple devices and wanted something portable and easy to maintain. I found that .netrc worked pretty well, since it allowed me to store credentials in one file and have git pick them up automatically.
However, I worry that .netrc isn’t specific to git and the method works because the request is made by cURL under the hood. I reckon the .netrc file can be used by other programs, so anything with access to that file could use those credentials too. That might not be ideal from a security point of view.
I was mostly curious if anyone had experience or issues with .netrc in this context. For now, I might just stick with the recommended credential helpers or per-repo configs, as suggested in the git documentation.
Thanks for sharing.
1 Like