Open qwertologe opened 7 years ago
I'm not sure what you expect that "feature" todo, can you elaborate a bit more?
Sorry for the late answer!
I am not sure if i understand the handling but i did my best. Here are my problems:
$ dpkg -l trocla
...
ii trocla 0.2.3-1 all generate and store passwords and
$ trocla -v
0.2.3.
# creating non-random passwords with format != plain - e.g. sha1:
$ trocla create user1 sha1 # generates random sha1 and plain
$ trocla set user2 sha1 # asks and generates sha1, but no plain
Enter your password: xxx
Repeat password: xxx
# here is my try (enter a password which is stored in plain and sha1 or md5crypt...):
$ trocla create user3 sha1 --no-random # assumed: asks and generates sha1 and plain - but:
Action failed with the following message: Password must be present as plaintext if you don't want a random password
(See full trace by running task with --trace)
$ trocla create user3 sha1 --no-random -p foo # same problem
Action failed with the following message: Password must be present as plaintext if you don't want a random password
(See full trace by running task with --trace)
$ echo -n foo | trocla create user3 sha1 --no-random -p # same problem
Action failed with the following message: Password must be present as plaintext if you don't want a random password
(See full trace by running task with --trace)
# testing workarounds (part1):
$ trocla set user4 sha1 --no-random -p foo # creates but without plain
$ trocla set user4 plain --no-random -p foo # sha1 is gone, only plain remains
# testing workarounds (part2):
$ trocla create user5 sha1
{SHA}kQslyuxgrLcqU9l7XTgwxn8hZdU=
$ cat trocla.yaml
---
user5:
plain: AlnC)BoYvX*Ry]JL
sha1: "{SHA}kQslyuxgrLcqU9l7XTgwxn8hZdU=\n"
$ trocla set user5 plain -p foo
$ cat trocla.yaml # plain is replaced, sha1 is removed
---
user5:
plain: foo
# testing workarounds (part3):
$ trocla create user6 sha1
{SHA}vZNCeAjTh5ehBzWShDvvg/5RCRc=
$ cat trocla.yaml
---
user6:
plain: 8r:]ihU2-HpEM/h_
sha1: "{SHA}vZNCeAjTh5ehBzWShDvvg/5RCRc=\n"
$ trocla set user6 sha1 -p foo
$ cat trocla.yaml # sha1 is replaced, plain remains
---
user6:
plain: 8r:]ihU2-HpEM/h_
sha1: "{SHA}C+7Hteo/D9vJXQ3UfzxbwnXaijM=\n"
So I tried again to understand your use-case, to see where we could improve the cli UX (besides the help). For every step I assume the trocla database is empty.
Usecase:
You can do that by using
trocla set user2 sha1
This will ask you for the plain text password, and create a sha1 of that one, but not store the plain-text one.
If you want to store the plain text password, you can first set the plain text:
trocla set user2 plain
And then create the sha1 from that one:
trocla create user2 sha1
This will store both plain and sha1 version of the password. It requires 2 steps:
trocla set user2 plain
trocla create user2 sha1
Which I don't see as a big deal or do I miss something?
I did expect the --no-random parameter to work together with create (which doesn't). Not a real problem - you can close it if you want.
But what should be the behavior? --no-random
tells to not create a random password and if none is present, a random one would need to be created. What would you expect not to be random?
I expected it to ask for the password.
creates the following output:
As i understand, this feature is not implemented but would be really helpful (one step instead of two).