Comment by 8cvor6j844qw_d6
2 days ago
> stop pasting secrets into Slack
You got me interested. I've seen sharing of API keys via Discords in hackathons.
2 days ago
> stop pasting secrets into Slack
You got me interested. I've seen sharing of API keys via Discords in hackathons.
You can use the age tool to encrypt secrets based on ssh public keys.
Here's a small shell script I use https://github.com/mhitza/toolbox/blob/main/scripts/encrypt-...
That's handy and obviously a major security increase compared to sharing on Discord, but I feel compelled to quote the age README:
> Keep in mind that people might not protect SSH keys long-term, since they are revokable when used only for authentication, and that SSH keys held on YubiKeys can't be used to decrypt files.
https://github.com/FiloSottile/age?tab=readme-ov-file#encryp...