Hello,
I was reading the FreedomBox manual about Gitweb and saw that it suggests putting your username and password in the remote URL, which then gets saved in plain text in each repository’s .git/config. I’m not an expert, but I was wondering if there’s a better way to handle this.
Would it make sense to use the ~/.netrc file for storing Gitweb credentials instead? I found that this is a common method for network authentication on UNIX systems, and it’s described in the GNU Inetutils manual (see: GNU Inetutils manual: The .netrc file). Using .netrc could make things easier, especially when collaborating, since you only need to set your credentials once and not in every repo.
A typical entry looks like this:
machine my.freedombox.rocks
login myusername
password mypassword
You can also set the file permissions to keep it private (e.g., chmod 600 ~/.netrc).
Is there a reason why ~/.netrc isn’t recommended in the manual? Are there any downsides to using it with FreedomBox?
Thanks for any advice!