Would you trust a repository made like this to save your secrets?
github.com
Why keep something secret on a public repo? Is that not an oxymoron?
Also, in terms of encryption, something like age[0] makes it much easier to not shoot yourself in the foot.
Just to be sure that your secrets are reasonably available, always. (i) GitHub for high availability of the repo, (ii) OpenSSL, even if it is not flawless, is available everywhere and battle-tested, (iii) Bash is bash :)
What are you using to do the encryption? How hard is the passphrase to crack?
Looking at the script, a double round with aes-256-cbc [0] is done; moreover, the file is hidden among thousands of files. Like other ciphers, it is vulnerable at the implementation level, that is, a long enough key must be chosen. Maybe the script could be improved by adding a passphrase check.
[0] https://github.com/nola-a/jump/blob/f907cffcb08fd96ea91cd7f3...
Hi All,
my intention is to keep my secrets on a nice public repo, what do you think?
Thanks!