1. Forum
  2. Usenet
  3. NEWS.SOFTWARE.READERS

  • [slrn] store nnrpaccess credentials outside of slrnrc?

    From Profoundly Nerdy@21:1/5 to All on Sat Nov 4 19:54:15 2023
    I am setting up slrn for the first time. I noticed that slrnrc stores
    NNTP credentials in plain text. That's not ideal. I'd like to store my credentials in an external password manager, such as `pass`[^1].

    Is it possible to do one of two things:

    1. Call an external program that provides the username and password to nnrpaccess at runtime?
    2. Or, reference a file external to slrnrc that contains the
    credentials?

    Option #2 is still not perfect, but at least I can lock down the
    credentials themselves separate from the configuration file.

    [^1]: <https://www.passwordstore.org/>


    --
    Profoundly Nerdy

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Phil Boutros@21:1/5 to Profoundly Nerdy on Sun Nov 5 21:12:04 2023
    Profoundly Nerdy <profoundlynerdy@invalid.invalid> wrote:
    I am setting up slrn for the first time. I noticed that slrnrc stores
    NNTP credentials in plain text. That's not ideal. I'd like to store my credentials in an external password manager, such as `pass`[^1].

    Is it possible to do one of two things:

    1. Call an external program that provides the username and password to nnrpaccess at runtime?

    Anything is possible if you want to write the code for it. If you
    can write it in S-Lang, you can interpret any file from your .slrnrc.
    I suspect the limitation here will be your password manager.

    2. Or, reference a file external to slrnrc that contains the
    credentials?

    That part is trivial. You can include any other config file in
    your main config file.

    https://www.slrn.org/docs/slrn-manual-5.html#include


    Phil
    --
    AH#61 Wolf#14 BS#89 bus#1 CCB#1 SENS KOTC#4
    philb@philb.ca http://philb.ca

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From rek2 hispagatos@21:1/5 to Profoundly Nerdy on Mon Nov 6 00:53:35 2023
    On 2023-11-04, Profoundly Nerdy <profoundlynerdy@invalid.invalid> wrote:
    I am setting up slrn for the first time. I noticed that slrnrc stores
    NNTP credentials in plain text. That's not ideal. I'd like to store my credentials in an external password manager, such as `pass`[^1].

    Is it possible to do one of two things:

    1. Call an external program that provides the username and password to nnrpaccess at runtime?
    2. Or, reference a file external to slrnrc that contains the
    credentials?

    Option #2 is still not perfect, but at least I can lock down the
    credentials themselves separate from the configuration file.

    [^1]: <https://www.passwordstore.org/>


    I agree 100% is why I asked the community to support new software
    that takes privacy and security as a main concern, never have plain text passwors in your ENV or home directory anyone working in infosec knows this
    old software lacks this way of thinking .

    I know 2-3 projects that devs dropped it or are about because
    nobody helps them with QA and testing and all this projects support
    calling password managers like pass/gopass/bitwarden-cli etc from the config file, supports encryption and such, but their support for usenet is 50%
    because of lack influence

    Happy Hacking

    ReK2
    --
    Profoundly Nerdy


    --
    - {gemini,https}://{,rek2.}hispagatos.org - mastodon: @rek2@hispagatos.space
    - [https|gemini]://2600.Madrid - https://hispagatos.space/@rek2
    - https://keyoxide.org/A31C7CE19D9C58084EA42BA26C0B0D11E9303EC5

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)