On linux currently, both when using a headless server and when using the normal client the token that the factorio uses is saved in plaintext in the config file.
It would be nice if we could specify an encryption and e.g. an ssh or an age key to encrypt the token with.
I am using NixOs and currently when setting up the server i have to decrypt my token to write it into the config and then have it on my system decrypted, which is ok, but not the preferred way .
Looking forward to 2.0, you guys rock!
Best Holli
Allow an encrypted version of the token to be stored
Moderator: ickputzdirwech
Allow an encrypted version of the token to be stored
- Attachments
-
- Screenshot_20240427_223131.png (112.49 KiB) Viewed 789 times
Re: Allow an encrypted version of the token to be stored
So you want to enter a password to decrypt it every time you start the game?
If you want to get ahold of me I'm almost always on Discord.
-
- Filter Inserter
- Posts: 530
- Joined: Mon Feb 05, 2018 10:01 am
- Contact:
Re: Allow an encrypted version of the token to be stored
Looks like they want to store the game password in an encrypted file on the server host?
Re: Allow an encrypted version of the token to be stored
If something is encrypted someone needs to provide a key to decrypt it. That just sounds like “don’t keep me signed in” with extra steps.
If you want to get ahold of me I'm almost always on Discord.
-
- Filter Inserter
- Posts: 530
- Joined: Mon Feb 05, 2018 10:01 am
- Contact:
Re: Allow an encrypted version of the token to be stored
I work on servers with service accounts that automagically decrypt everything so much that I had honestly forgotten that.
You just get used to storing everything encrypted, and trusting the service account to have the keys and sort it out for you.
Of course, then when you get it it's already been automagically decrypted...
---
Yeah, this is making less and less sense.
You just get used to storing everything encrypted, and trusting the service account to have the keys and sort it out for you.
Of course, then when you get it it's already been automagically decrypted...
---
Yeah, this is making less and less sense.
Re: Allow an encrypted version of the token to be stored
I thought about it some more, and i think generally having the token is probably ok, I just really came across this problem, because I both wanted my configuration publicly available and declaratively saved in the config, which basically had me running into the encryption issue.
Currently I just have an age key that is used to decrypt the token everytime it is being built, but then the token still ends up in plain text somewhere.
I dont really have a solution at the top of my head, unless you are using a hardware key you would end up having to put a password in or having the private key on the system, which would put you back to square one.
So generally my idea, which sounded much better in my head 2 days ago isnt that great