To store passwords in GIT you need to be able to encrypt and decrypt the password. You can do that using GPG tool. Both tools are available for a variety of platforms. See the instruction below on how to install the tooling and at the very end how to use them to store password in GIT safe encrypted manner.

Install git-secret (Debian / Ubuntu)

To install git-secret in your environment, you need to run dedicated system based command. Windows / Mac / Debian and Fedora/CentOS instruction are available. For Ubuntu, it would look as fallow:

sudo sh -c "echo 'deb git-secret main' >> /etc/apt/sources.list"
wget -qO - '' | sudo apt-key add -
sudo apt-get update && sudo apt-get install -y git-secret

# Testing, that it worked:
git secret --version

For installation on installing git-secret on Fedora/CentOS, Mac or Windows, see more examples at:

Install PGP

Installing PHP is heavily platform dependent.

For Windows, you would go to:

For Mac:

For Ubuntu:

$ sudo apt-get install gnupg
$ sudo apt-get install rng-tools
$ sudo sed -i -e 's|#HRNGDEVICE=/dev/hwrng|HRNGDEVICE=/dev/urandom|' /etc/default/rng-tools
$ sudo service rng-tools start

Note that the last two steps in the Ubuntu installation notes above allow you to generate some randomness required to generate a key which is what we’re going to do next.

To generate a key pair, use one of the fallowing command:

gpg --full-generate-key // advance mode
gpg --gen-key // basic mode

To list all your public key in keyring run:

gpg --list-keys

To encrypt a file use the fallowing syntax:

gpg -e my-secrets-myname.txt // encrypt to binary
gpg -a -e my-secrets-myname.txt // encrypt to ASCII

you could also use -r flag to pass the recipient directly: gpg -a -e -r my-secrets-myname.txt. After encryption you can delete the unencrypted file. You will be able to retrieve the file when decrypting a .asc or .gpg file.

To decrypt a file, you use:

gpg my-secrets-myname.txt.asc // or .gpg

see more at:

Storing passwords in Git

Would love your thoughts, please comment.x