You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Julien Nicoulaud (JIRA)" <ji...@codehaus.org> on 2010/09/27 21:04:33 UTC

[jira] Created: (MNG-4841) "--encrypt-password" and "--encrypt-master-password" should be interactive

"--encrypt-password" and "--encrypt-master-password" should be interactive
--------------------------------------------------------------------------

                 Key: MNG-4841
                 URL: http://jira.codehaus.org/browse/MNG-4841
             Project: Maven 2 & 3
          Issue Type: Improvement
    Affects Versions: 3.0-beta-3, 3.0-beta-2, 3.0-beta-1, 3.0-alpha-7, 3.0-alpha-6, 2.2.1, 2.0.11, 2.0.10, 2.0.9
            Reporter: Julien Nicoulaud


Password encrypting options require the password to be passed in the command line, which is not a "secure place"... You can find it later searching command history on most shells. What about just prompting for the password if none given ?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Closed: (MNG-4841) "--encrypt-password" and "--encrypt-master-password" should be interactive

Posted by "Brett Porter (JIRA)" <ji...@codehaus.org>.

     [ http://jira.codehaus.org/browse/MNG-4841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brett Porter closed MNG-4841.
-----------------------------

    Resolution: Duplicate
      Assignee: Brett Porter

> "--encrypt-password" and "--encrypt-master-password" should be interactive
> --------------------------------------------------------------------------
>
>                 Key: MNG-4841
>                 URL: http://jira.codehaus.org/browse/MNG-4841
>             Project: Maven 2 & 3
>          Issue Type: Improvement
>    Affects Versions: 2.0.9, 2.0.10, 2.0.11, 2.2.1, 3.0-alpha-6, 3.0-alpha-7, 3.0-beta-1, 3.0-beta-2, 3.0-beta-3
>            Reporter: Julien Nicoulaud
>            Assignee: Brett Porter
>
> Password encrypting options require the password to be passed in the command line, which is not a "secure place"... You can find it later searching command history on most shells. What about just prompting for the password if none given ?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira