by hkt 1458 days ago
For encrypted secrets in git I'd suggest looking at sops and password store:

https://github.com/mozilla/sops

https://github.com/android-password-store/Android-Password-S...

Both are extremely useful secrets-oriented git tools with support for things like PGP encryption. Both will encrypt with multiple keys too, making sharing relatively easy. The Android pass app even manages SSH keys for pushing and pulling. There may be good inspiration in those repos, or even code you can borrow.

Also, thanks so much for making this: it is elegant and lovely. Keep it up!

1 comment

I started going down this route [0], but I very quickly realised the additional overhead of the tooling was not very user friendly. In the end, I'm trying to write a custom git remote which will encrypt everything, similar to how keybase works.

Internally, the idea is to just encrypt all the git objects, one per file, and store those in a git repo. It could also be stored in S3, as storing it in a repo doesn't help, but git repos have the least vendor lock-in.

- [0] https://github.com/GitJournal/git-salt-box