[Swan-dev] rsasigkey --password
D. Hugh Redelmeier
hugh at mimosa.com
Sun Feb 9 05:41:09 EET 2014
The code treats a password of <configdir>/nsspassword as special: it
signifies that the password should come from that file.
That was undocumented in rsasigkey(8), so I've fixed that.
But I think that this is very odd. Probably a mistake.
- it uses inband signalling, really dumb in security contexts
- the signal is awkward to type and depends on knowing the <configdir>
Surely it would be better to have a different flag for this purpose.
Perhaps --passwordfile.
More information about the Swan-dev
mailing list