On 2012-10-01, Shaun Thomas <sthomas@optionshouse.com> wrote:
> On 10/01/2012 12:19 PM, Darren Duncan wrote:
>
>> You should never put your passwords (or private keys) in source control;
>> it would be better to use the puppet/bcfg option.
>
> That was kind of my point. Puppet / Bcfg2 have the same problem. About a
> dozen people have access to our bcfg2 repo than I would want to know the
> contents of .pgpass.
>
Ccould you put a script or binary containing an encrypted .pgpass in
the repository instead? would that solve the problem?
--
⚂⚃ 100% natural