Hi, On Mon, Mar 08, 2021 at 09:06:07PM +0100, Max Görner wrote: > However, one issue is nagging me since I noticed it. Its that the entire > password structure is unencrypted. While the content of the files is > encrypted, the file names itself are not. I strongly dislike this leakage of > information. Now everyone who can access the repository can see which bank I > use, which servers I maintain and some of the websites I surf.
When it comes to git... which repository are you exactly concerned with? If it is only the remote one but you are okay with a readable local repo (you have your local repo on encrypted storage anyways, don't you?), you can git push to an encrypted remote. I used to use git remote gcrypt (https://github.com/spwhitton/git-remote-gcrypt) for that. It encrypts the entire remote repository with GnuPG. All you see there are hashed file names with encrypted content. HTH. Kind regards, Frank.
signature.asc
Description: PGP signature
