# # patch "ChangeLog" # from [7ea13e6ee21fdeb720e6317972e61d061cd694bc] # to [101d39c4897b9ab25aac9283413e6a494061211b] # # patch "monotone.texi" # from [8af73572851f7411e064aab907c3d296ce4d4191] # to [d83ad8778e1687441a9696c297cfb5f78b2e56a4] # --- ChangeLog +++ ChangeLog @@ -1,3 +1,9 @@ +2005-07-09 Nathaniel Smith + + * monotone.texi (Generating Keys): Make it a little clearer that + we aren't necessarily recommending people store their passphrase + in plaintext. + 2005-07-07 Nathaniel Smith * contrib/ciabot_monotone.py (Monotone.log): Fix to work with --- monotone.texi +++ monotone.texi @@ -1198,13 +1198,13 @@ the same name or the same fingerprint. This output shows one private and one public key stored under the name address@hidden@@juicebot.co.jp}, so it indicates that Jim's key-pair has -been successfully generated and stored. On subsequent commands, Jim -will need to re-enter our passphrase in order to perform -security-sensitive tasks. To simplify matters, Jim decides to store -his security passphrase in his @code{monotonerc} file, by writing a address@hidden function} which returns the passphrase, so that he does not -need to repeatedly be prompted for it: address@hidden@@juicebot.co.jp}, so it indicates that Jim's key-pair has been +successfully generated and stored. On subsequent commands, Jim will need +to re-enter his passphrase in order to perform security-sensitive +tasks. Jim isn't very worried about security (and, more importantly, it +simplifies the tutorial text to skip the passphrase prompts) so he +decides to store his passphrase in his @code{monotonerc} file. He does +this by writing a @emph{hook function} which returns the passphrase: @smallexample @group @@ -1217,10 +1217,11 @@ @end group @end smallexample -Note that we are appending the new hook to the (possibly existing) file. -We do this to avoid loosing other changes by mistake; therefore, be sure -to check that no other @code{get_passphrase} function appears in the -configuration file. +Now whenever monotone needs his passphrase, it will call this function +instead of prompting him to type it. Note that we are appending the new +hook to the (possibly existing) file. We do this to avoid losing other +changes by mistake; therefore, be sure to check that no other address@hidden function appears in the configuration file. Abe and Beth do the same, with their secret passphrases.