MusicPlayerDaemon / mpdscribble

an MPD client which submits information about tracks being played to a scrobbler (e.g. last.fm)
GNU General Public License v2.0

Support loading password from file #24

Open Sohalt opened 3 years ago

Sohalt commented 3 years ago

It would be helpful to support loading the password from a separate file, because it would allow keeping secrets separate from configuration.

Specifically it would help with using mpdscribble as a NixOS module, because NixOS auto-generates a world readable configuration file, which, in the current setup, has to contain the password.

Something like:

[last.fm]
url = http://post.audioscrobbler.com/
username = foobar
password_file = /var/secret/mpdscribble_password

goetzc commented 3 years ago

@Sohalt that is a good idea. Also being able to read the password from an environment variable would be nice to have.

FWIW, the password can also be in the form of a MD5 hash.

echo -n "my-password" | md5sum | cut -f 1 -d " "

Sohalt commented 3 years ago

An md5sum is not very cryptographically secure. But yes, in general using a secure cryptographic hash function would also work. But I'd prefer the separate file.

BachoSeven commented 2 years ago

@Sohalt not sure if it was clear but hashes are already supported in the configuration file.

MaxKellermann commented 2 years ago

The whole discussion about hashed passwords misses the point. Pointing out that MD5 is not considered secure these days also misses the point. Using a secure hash would be pointless, because if the hash is secure, what use would it be for mpdscribble? mpdscribble can only use the MD5 digest of a last.fm password, because the last.fm server doesn't want to know the password, but its (unsalted) MD5 digest. So if you know the MD5 digest, you control the last.fm account. If last.fm would accept a secure hash instead of MD5, this wouldn't improve anything - that secure hash would still allow you to control the last.fm account.

Sohalt commented 2 years ago

True, I didn't think things through. Mpdscribble obviously needs to authenticate, so it needs a secret, which ideally should not be in the configuration file, to allow the configuration to be shared and readable, as e.g. in the case of NixOS.

xmalbertox commented 2 years ago

Hi, just migrated to mpd (from mopidy) and over there most passwords can be queried from secret-tool and stored in the system's keyring; this approach adds a dependency in the form of secret.

Another possibility was raised in an old issue (#12), by getting the password from a user defined utility like Gnu pass or secret-tool or even gpg, this approach is quite flexible and it is used in some email utilities like mbsync.

The best approach will be dependent on how the configuration is parsed, but it would be a great addition since having the password in plain text is not very secure, regardless of being md5sum hashed or not.
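The three ideas in this thread (a `password_file` next to the world-readable config, a user-defined helper command as in the mbsync approach, and the existing acceptance of a pre-computed MD5 digest) fit together in one small resolver. The following is an added example written for this discussion, not code from mpdscribble: the `password_cmd` key, the `resolve_password_hash` function and the refusal of secret files that are group- or world-readable are design choices of this example, not behaviour of the project. It assumes a POSIX filesystem (mode bits are what the check relies on) and constructs its own sample config and secret files in a temporary directory.

```python
import configparser
import hashlib
import os
import re
import shlex
import stat
import subprocess
import sys
import tempfile

# The scrobbler protocol authenticates with the unsalted MD5 hex digest of the
# password (see MaxKellermann's comment), so the digest is exactly as sensitive
# as the password: whichever one is stored must be kept out of readable files.
MD5_HEX = re.compile(r"[0-9a-fA-F]{32}")


def md5_hex(password: str) -> str:
    """Digest form the scrobbler expects (same as: echo -n pw | md5sum)."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def read_secret_file(path: str) -> str:
    """Read a secret from its own file, refusing files other users can read.

    The main config may be world-readable (NixOS generates it that way);
    the separate secret file is only useful if it is not.
    """
    mode = os.stat(path).st_mode
    if mode & 0o077:  # any group/other permission bit set
        raise PermissionError(f"{path} is accessible to other users ({stat.filemode(mode)})")
    with open(path, encoding="utf-8") as fh:
        return fh.read().strip()  # editors append a newline; it is not part of the secret


def run_secret_command(command: str) -> str:
    """Run a user-defined helper (pass, secret-tool, gpg, ...) and take its stdout."""
    proc = subprocess.run(shlex.split(command), check=True, capture_output=True, text=True)
    return proc.stdout.strip()


def resolve_password_hash(section: configparser.SectionProxy) -> str:
    """Return the MD5 hex digest for one scrobbler section (hypothetical keys).

    Exactly one of password / password_file / password_cmd must be present.
    A value that already looks like a 32-hex-digit digest is passed through,
    mirroring the thread's point that a pre-hashed password is accepted.
    """
    present = [k for k in ("password", "password_file", "password_cmd") if k in section]
    if len(present) != 1:
        raise ValueError(f"set exactly one of password/password_file/password_cmd, found {present}")
    key = present[0]
    if key == "password":
        secret = section[key]
    elif key == "password_file":
        secret = read_secret_file(section[key])
    else:
        secret = run_secret_command(section[key])
    return secret.lower() if MD5_HEX.fullmatch(secret) else md5_hex(secret)


def parse_config(text: str) -> configparser.ConfigParser:
    cp = configparser.ConfigParser(interpolation=None)  # no %-interpolation of secrets
    cp.read_string(text)
    return cp


def demo() -> dict:
    """Exercise every source with constructed secrets in a temporary directory."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        private = os.path.join(tmp, "mpdscribble_password")  # constructed sample path
        leaky = os.path.join(tmp, "leaky_password")
        for path, mode in ((private, 0o600), (leaky, 0o644)):
            with open(path, "w", encoding="utf-8") as fh:
                fh.write("my-password\n")  # constructed sample secret
            os.chmod(path, mode)  # 0o644 is as readable as the generated config
        # A helper command that prints the secret; stands in for pass/secret-tool/gpg.
        cmd = f"{shlex.quote(sys.executable)} -c \"print('my-password')\""
        cfg = parse_config(f"""
[last.fm]
url = http://post.audioscrobbler.com/
username = foobar
password_file = {private}

[leaky]
password_file = {leaky}

[from-cmd]
password_cmd = {cmd}

[prehashed]
password = 900150983cd24fb0d6963f7d28e17f72
""")
        results["from_file"] = resolve_password_hash(cfg["last.fm"])
        results["from_cmd"] = resolve_password_hash(cfg["from-cmd"])
        results["prehashed"] = resolve_password_hash(cfg["prehashed"])
        try:
            resolve_password_hash(cfg["leaky"])
            results["leaky_rejected"] = False
        except PermissionError:
            results["leaky_rejected"] = True
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The permission check is the part worth keeping whatever the final design: without it, a `password_file` pointing at a 0644 file is no better than the password sitting in the NixOS-generated config. Note also that the digest pass-through means a 32-hex-digit password is indistinguishable from a hash, which is the existing trade-off of accepting hashed values.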