1

Fossil has support for encrypted repositories (https://fossil-scm.org/home/doc/trunk/www/encryptedrepos.wiki) using the SQLite Encryption Extension. I have made a build of fossil using the open source SQLCipher SEE extension (https://github.com/sqlcipher/sqlcipher) to play around with it.

As noted in the documentation each fossil command asks the user for the passphrase to decrypt the underlying sqlite database before performing the vcs functions.

  • If there is a central repository Bob and Alice are committing to in order to share changes is it possible to prompt them for the passphrase via SSH or must you run the http/scgi server so the passphrase is stored in memory?

  • The recommended way of backing up a fossil repo is done by running something like fossil sql "vacuum repository into repo.backup" that way an uncommitted transaction doesn't copied (if you use plain cp). Is there a way to make a complete backup of the encrypted repository without having to type the passphrase so it can be automated with something like cron?

Gary Howe
  • 103
  • 2
  • 6
  • 1
    It would be worth asking (copy/pasting) this question on the Fossil forums: https://fossil-scm.org/forum/forummain (you don't need to register to post). In other news (not that it helps with the password prompting thing), a new 'backup' function has just been added (which basically just runs the command you said). I have a feeling that for cron, you might need to call on a keychain/password manager from the bash script/cron job that calls Fossil. – trapper_hag Jul 29 '20 at 10:40
  • Ah yeah, a password manager might be the way to go for this case. I didn't think of that. Thanks for the tips. – Gary Howe Jul 29 '20 at 15:05
  • https://fossil-scm.org/forum/forumpost/ba4d0418f1 cross reference – Gary Howe Jul 30 '20 at 01:38

0 Answers0