Lately at work, concern was raised about the use of a
.netrc file to store one’s Git credentials.
.netrc file has been introduced in Unix a long time ago as a mean to avoid entering username and password again and again when frequently connecting to the same FTP sites. The
.netrc is a plaintext file where credentials are stored in clear and as such it is very insecure. In order to mitigate this, some programs will refuse to read it unless it is only readable by yourself.
We can do better…