Comment on What self hosting feels like (It's painful, please help đĽ˛)
iamjackflack@lemm.ee â¨3⊠â¨months⊠ago
Am I the only one in this thread that too this as itâs asking for a clear text credential which is a terrible idea?
Comment on What self hosting feels like (It's painful, please help đĽ˛)
iamjackflack@lemm.ee â¨3⊠â¨months⊠ago
Am I the only one in this thread that too this as itâs asking for a clear text credential which is a terrible idea?
vithigar@lemmy.ca â¨3⊠â¨months⊠ago
A temporary one that youâre expected to remove as soon as youâve created the admin user(s) you need, but yes. It should only be there during initial setup and ideally removed before the server is ever exposed to the internet.
iamjackflack@lemm.ee â¨3⊠â¨months⊠ago
Yes because having a user remember to do something is a great line of defense, better than encrypting it from the get go. It should just be encrypted in the file.
gsfraley@lemmy.world â¨3⊠â¨months⊠ago
I think thatâs the way both Splunk and JFrog work â you generate or enter a password into the key field in a YAML file somewhere, start the service, and next time you come back itâs been hashed.
Flax_vert@feddit.uk â¨3⊠â¨months⊠ago
The step tells you to remove it after at least