this post was submitted on 02 Aug 2024
801 points (96.6% liked)

Selfhosted

60409 readers
510 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] iamjackflack@lemm.ee 4 points 2 years ago (2 children)

Yes because having a user remember to do something is a great line of defense, better than encrypting it from the get go. It should just be encrypted in the file.

[–] gsfraley@lemmy.world 3 points 2 years ago* (last edited 2 years ago)

I think that's the way both Splunk and JFrog work -- you generate or enter a password into the key field in a YAML file somewhere, start the service, and next time you come back the field's been encrypted.

[–] Flax_vert@feddit.uk 1 points 2 years ago

The step tells you to remove it after at least