diff options
Diffstat (limited to 'doc')
-rw-r--r-- | doc/de/includes/autogen_user_commands.de.adoc | 62 | ||||
-rw-r--r-- | doc/de/includes/autogen_user_options.de.adoc | 4 | ||||
-rw-r--r-- | doc/de/weechat_user.de.adoc | 23 | ||||
-rw-r--r-- | doc/en/includes/autogen_user_commands.en.adoc | 4 | ||||
-rw-r--r-- | doc/en/includes/autogen_user_options.en.adoc | 4 | ||||
-rw-r--r-- | doc/en/weechat_user.en.adoc | 22 | ||||
-rw-r--r-- | doc/fr/includes/autogen_user_commands.fr.adoc | 4 | ||||
-rw-r--r-- | doc/fr/includes/autogen_user_options.fr.adoc | 4 | ||||
-rw-r--r-- | doc/fr/weechat_user.fr.adoc | 21 | ||||
-rw-r--r-- | doc/it/includes/autogen_user_commands.it.adoc | 4 | ||||
-rw-r--r-- | doc/it/includes/autogen_user_options.it.adoc | 4 | ||||
-rw-r--r-- | doc/it/weechat_user.it.adoc | 23 | ||||
-rw-r--r-- | doc/ja/includes/autogen_user_commands.ja.adoc | 44 | ||||
-rw-r--r-- | doc/ja/includes/autogen_user_options.ja.adoc | 4 | ||||
-rw-r--r-- | doc/ja/weechat_user.ja.adoc | 23 | ||||
-rw-r--r-- | doc/pl/includes/autogen_user_commands.pl.adoc | 62 | ||||
-rw-r--r-- | doc/pl/includes/autogen_user_options.pl.adoc | 4 | ||||
-rw-r--r-- | doc/pl/weechat_user.pl.adoc | 23 |
18 files changed, 220 insertions, 119 deletions
diff --git a/doc/de/includes/autogen_user_commands.de.adoc b/doc/de/includes/autogen_user_commands.de.adoc index 64320b43e..c3b45fe01 100644 --- a/doc/de/includes/autogen_user_commands.de.adoc +++ b/doc/de/includes/autogen_user_commands.de.adoc @@ -1860,38 +1860,40 @@ Standardmäßig werden alle Konfigurationsdateien beim Ausführen des /quit Befe set <name> <value> del <name> -passphrase: ändern der Passphrase (ohne Passphrase, werden die Daten in der Datei sec.conf in Klartext gesichert) - -delete: löscht Passphrase - decrypt: entschlüsselt Daten nachträglich (dies passiert nur falls die Passphrase beim Start nicht angegeben wurde) - -discard: verwirft alle verschlüsselten Daten - set: fügt eine schutzwürdige Information hinzu oder ändert eine bestehende - del: entfernt eine schutzwürdige Information - -Ohne Angabe von Argumenten wird ein neuer Buffer geöffnet und die schutzwürdigen Informationen können dort eingesehen werden. - -Tastenbefehle für den secure-Buffer: - alt+v Werte werden in Klartext angezeigt bzw. verborgen - -Wird eine Passphrase verwendet (Daten liegen verschlüsselt vor), fragt WeeChat beim Start die Passphrase ab. -Setzt man die Umgebungsvariable "WEECHAT_PASSPHRASE", kann die Eingabeaufforderung der Passphrase beim Programmstart vermieden werden (diese Variable wird von WeeChat auch beim /upgrade verwendet). Es ist auch möglich in der Option sec.crypt.passphrase_file eine Datei anzugeben die die Passphrase beinhaltet (siehe /help sec.crypt.passphrase_file) - -schutzwürdige Daten mit dem Format ${sec.data.xxx} können wie folgt genutzt werden: - - Befehl /eval. - - Argument in der Befehlszeile für "--run-command" - - Einstellung weechat.startup.command_{before|after}_plugins - - weitere Optionen die Passwörter oder sensible Daten beinhalten (zum Beispiel: proxy, irc server und relay); nutze /help mit der entsprechenden Option um zu überprüfen ob die Daten evaluiert werden. - -Beispiele: - festlegen eine Passphrase: - /secure passphrase Dies ist meine Passphrase - verschlüsselt freenode SASL Passwort: - /secure set freenode meinPasswort +passphrase: change the passphrase (without passphrase, data is stored as plain text in file sec.conf) + -delete: delete passphrase + decrypt: decrypt data still encrypted (it happens only if passphrase was not given on startup) + -discard: discard all data still encrypted + set: add or change secured data + del: delete secured data + +Without argument, this command displays secured data in a new buffer. + +Keys on secure buffer: + alt+v toggle values + +When a passphrase is used (data encrypted), it is asked by WeeChat on startup. +It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command). + +Secured data with format ${sec.data.xxx} can be used in: + - command /eval + - command line argument "--run-command" + - options weechat.startup.command_{before|after}_plugins + - other options that may contain a password or sensitive data (for example proxy, irc server and relay); see /help on the options to check if they are evaluated. + +Examples: + set a passphrase: + /secure passphrase this is my passphrase + use program "pass" to read the passphrase on startup: + /set sec.crypt.passphrase_command "pass show weechat/passphrase" + encrypt freenode SASL password: + /secure set freenode mypassword /set irc.server.freenode.sasl_password "${sec.data.freenode}" - verschlüsselt oftc Passwort für nickserv: - /secure set oftc meinPasswort + encrypt oftc password for nickserv: + /secure set oftc mypassword /set irc.server.oftc.command "/msg nickserv identify ${sec.data.oftc}" - Alternativbefehl um den eigenen Nick zu ghosten: - /alias add ghost /eval /msg -server freenode nickserv ghost meinNick ${sec.data.freenode} + alias to ghost the nick "mynick": + /alias add ghost /eval /msg -server freenode nickserv ghost mynick ${sec.data.freenode} ---- [[command_weechat_set]] diff --git a/doc/de/includes/autogen_user_options.de.adoc b/doc/de/includes/autogen_user_options.de.adoc index 0321f5d9b..7b167fe93 100644 --- a/doc/de/includes/autogen_user_options.de.adoc +++ b/doc/de/includes/autogen_user_options.de.adoc @@ -16,8 +16,8 @@ ** Werte: sha224, sha256, sha384, sha512 ** Standardwert: `+sha256+` -* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file* -** Beschreibung: pass:none[Pfad zu einer Datei die die Passphrase enthält um damit schutzwürdige Daten zu ver- und entschlüsseln. Diese Einstellung findet nur Anwendung, wenn die Datei sec.conf gelesen wird. Es wird auch nur die erste Zeile eingelesen. Diese Datei wird nur verwendet, falls die Umgebungsvariable "WEECHAT_PASSPHRASE" nicht genutzt wird (die Umgebungsvariable besitzt eine höhere Priorität). Sicherheitshinweis: Es ist anzuraten dieser Datei nur für die eigene Person Leserechte zu gewähren und die Datei nicht im Heimatverzeichnis von WeeChat zu sichern (zum Beispiel im /home/ Order); Beispiel: "~/.weechat-passphrase"] +* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command* +** Beschreibung: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"] ** Typ: Zeichenkette ** Werte: beliebige Zeichenkette ** Standardwert: `+""+` diff --git a/doc/de/weechat_user.de.adoc b/doc/de/weechat_user.de.adoc index 312ed50bf..9aaf87ddc 100644 --- a/doc/de/weechat_user.de.adoc +++ b/doc/de/weechat_user.de.adoc @@ -2237,11 +2237,26 @@ da ansonsten die Daten in Klartext gesichert werden. /secure passphrase Dies ist meine Passphrase ---- -Wenn eine Passphrase genutzt wird fragt WeeChat diese beim Programmstart -ab (bei einem `/upgrade` ist dies nicht der Fall). +// TRANSLATION MISSING +===== Passphrase on startup -Die Passphrase kann auch in einer Datei gesichert werden (siehe Option -<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>). +When a passphrase is set, WeeChat will ask you to enter it on startup +(but not on `/upgrade`). + +If you are using a password manager, you can run an external program to read +the passphrase instead of having to type it manually on WeeChat startup. + +For example with password-store (command `pass`): + +---- +/set sec.crypt.passphrase_command "pass show weechat/passphrase" +---- + +The program may ask you unlock your GPG key or enter another passphrase to +read the secret. WeeChat will wait for the end of the command to read the +passphrase on the standard output (it must be on the first line without any +extra character). + +If the output contains no passphrase or if it is wrong, WeeChat will then ask +you to enter it. [[secured_data_encryption]] ===== Verschlüsselung diff --git a/doc/en/includes/autogen_user_commands.en.adoc b/doc/en/includes/autogen_user_commands.en.adoc index ffcb3199d..5ceba339c 100644 --- a/doc/en/includes/autogen_user_commands.en.adoc +++ b/doc/en/includes/autogen_user_commands.en.adoc @@ -1873,7 +1873,7 @@ Keys on secure buffer: alt+v toggle values When a passphrase is used (data encrypted), it is asked by WeeChat on startup. -It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_file to read the passphrase from a file (see /help sec.crypt.passphrase_file). +It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command). Secured data with format ${sec.data.xxx} can be used in: - command /eval @@ -1884,6 +1884,8 @@ Secured data with format ${sec.data.xxx} can be used in: Examples: set a passphrase: /secure passphrase this is my passphrase + use program "pass" to read the passphrase on startup: + /set sec.crypt.passphrase_command "pass show weechat/passphrase" encrypt freenode SASL password: /secure set freenode mypassword /set irc.server.freenode.sasl_password "${sec.data.freenode}" diff --git a/doc/en/includes/autogen_user_options.en.adoc b/doc/en/includes/autogen_user_options.en.adoc index 05d07fea8..1a71926d2 100644 --- a/doc/en/includes/autogen_user_options.en.adoc +++ b/doc/en/includes/autogen_user_options.en.adoc @@ -16,8 +16,8 @@ ** values: sha224, sha256, sha384, sha512 ** default value: `+sha256+` -* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file* -** description: pass:none[path to a file containing the passphrase to encrypt/decrypt secured data; this option is used only when reading file sec.conf; only first line of file is used; this file is used only if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); security note: it is recommended to keep this file readable only by you and store it outside WeeChat home (for example in your home); example: "~/.weechat-passphrase"] +* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command* +** description: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"] ** type: string ** values: any string ** default value: `+""+` diff --git a/doc/en/weechat_user.en.adoc b/doc/en/weechat_user.en.adoc index d39f6190e..3c52531d0 100644 --- a/doc/en/weechat_user.en.adoc +++ b/doc/en/weechat_user.en.adoc @@ -2199,11 +2199,25 @@ but highly recommended, otherwise data is stored as plain text in file. /secure passphrase this is my passphrase ---- -When a passphrase is set, WeeChat will ask you to enter it on startup (but not -on `/upgrade`). +===== Passphrase on startup -You can change this behavior and use a file with the passphrase (see option -<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>). +When a passphrase is set, WeeChat will ask you to enter it on startup +(but not on `/upgrade`). + +If you are using a password manager, you can run an external program to read +the passphrase instead of having to type it manually on WeeChat startup. + +For example with password-store (command `pass`): + +---- +/set sec.crypt.passphrase_command "pass show weechat/passphrase" +---- + +The program may ask you unlock your GPG key or enter another passphrase to +read the secret. WeeChat will wait for the end of the command to read the +passphrase on the standard output (it must be on the first line without any +extra character). + +If the output contains no passphrase or if it is wrong, WeeChat will then ask +you to enter it. [[secured_data_encryption]] ===== Encryption diff --git a/doc/fr/includes/autogen_user_commands.fr.adoc b/doc/fr/includes/autogen_user_commands.fr.adoc index 08876550b..1807f7d26 100644 --- a/doc/fr/includes/autogen_user_commands.fr.adoc +++ b/doc/fr/includes/autogen_user_commands.fr.adoc @@ -1873,7 +1873,7 @@ Les touches sur le tampon des données sécurisées : alt+v afficher/cacher les valeurs Lorsqu'une phrase de chiffrement est utilisée (données chiffrées), elle est demandée au démarrage de WeeChat. -Il est possible de définir la variable d'environnement WEECHAT_PASSPHRASE pour éviter la demande (cette même variable est utilisée par WeeChat sur le /upgrade) ou de définir l'option sec.crypt.passphrase_file pour lire la phrase de chiffrement depuis un fichier (voir /help sec.crypt.passphrase_file). +Il est possible de définir la variable d'environnement WEECHAT_PASSPHRASE pour éviter la demande (cette même variable est utilisée par WeeChat sur le /upgrade) ou de définir l'option sec.crypt.passphrase_command pour lire la phrase de chiffrement depuis la sortie d'une commande externe comme un gestionnaire de mots de passe (voir /help sec.crypt.passphrase_command). Les données sécurisées avec le format ${sec.data.xxx} peuvent être utilisées dans : - la commande /eval @@ -1884,6 +1884,8 @@ Les données sécurisées avec le format ${sec.data.xxx} peuvent être utilisée Exemples : définir une phrase de chiffrement : /secure passphrase ceci est ma phrase de chiffrement + utiliser le programme "pass" pour lire la phrase de chiffrement au démarrage : + /set sec.crypt.passphrase_command "pass show weechat/passphrase" chiffrer le mot de passe freenode SASL : /secure set freenode motdepasse /set irc.server.freenode.sasl_password "${sec.data.freenode}" diff --git a/doc/fr/includes/autogen_user_options.fr.adoc b/doc/fr/includes/autogen_user_options.fr.adoc index e6ae57c62..95e72f792 100644 --- a/doc/fr/includes/autogen_user_options.fr.adoc +++ b/doc/fr/includes/autogen_user_options.fr.adoc @@ -16,8 +16,8 @@ ** valeurs: sha224, sha256, sha384, sha512 ** valeur par défaut: `+sha256+` -* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file* -** description: pass:none[chemin vers un fichier contenant la phrase de chiffrement pour (dé)chiffrer les données sécurisées ; cette option est utilisée seulement lors de la lecture du fichier sec.conf ; seulement la première ligne du fichier est utilisée ; ce fichier est utilisé seulement si la variable d'environnement "WEECHAT_PASSPHRASE" n'est pas définie (la variable d'environnement a une priorité plus haute) ; note de sécurité : il est recommandé de garder ce fichier en lecture seulement par vous et de le stocker en dehors du "home" WeeChat (par exemple dans votre "home") ; exemple : "~/.weechat-passphrase"] +* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command* +** description: pass:none[lire la phrase de chiffrement depuis la sortie de cette commande (seule la première ligne est utilisée et elle ne doit contenir aucun autre caractère) ; cette option est utilisée seulement pour lire le fichier sec.conf et si la variable d'environnement "WEECHAT_PASSPHRASE" n'est pas définie (la variable d'environnement a une priorité plus haute) ; exemple avec password-store : "pass show weechat/passphrase"] ** type: chaîne ** valeurs: toute chaîne ** valeur par défaut: `+""+` diff --git a/doc/fr/weechat_user.fr.adoc b/doc/fr/weechat_user.fr.adoc index 3a1fef984..f25289ec8 100644 --- a/doc/fr/weechat_user.fr.adoc +++ b/doc/fr/weechat_user.fr.adoc @@ -2275,12 +2275,27 @@ données sont stockées sous forme de texte en clair dans le fichier. /secure passphrase ceci est ma phrase secrète ---- +// TRANSLATION MISSING +===== Passphrase on startup + Lorsqu'une phrase secrète est définie, WeeChat vous demandera de la saisir lors du démarrage (mais pas sur `/upgrade`). -Vous pouvez modifier ce comportement et utiliser un fichier avec la phrase -secrète (voir l'option -<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>). +Si vous utilisez un gestionnaire de mots de passe, vous pouvez lancer +un programme externe pour lire la phrase de chiffrement au lieu d'avoir +à l'entrer manuellement au démarrage de WeeChat. + +Par exemple avec password-store (command `pass`) : + +---- +/set sec.crypt.passphrase_command "pass show weechat/passphrase" +---- + +Le programme peut vous demander de déverrouiller votre clé GPG ou d'entrer une +autre phrase de chiffrement. WeeChat attendra la fin de la commande pour lire +la phrase de chiffrement sur la sortie standard (elle doit être sur la première +ligne et sans caractère supplémentaire). + +Si la sortie ne contient pas de phrase de chiffrement ou si celle-ci est +erronée, WeeChat vous demandera alors de la saisir. [[secured_data_encryption]] ===== Chiffrement diff --git a/doc/it/includes/autogen_user_commands.it.adoc b/doc/it/includes/autogen_user_commands.it.adoc index 96a42df00..d417e0653 100644 --- a/doc/it/includes/autogen_user_commands.it.adoc +++ b/doc/it/includes/autogen_user_commands.it.adoc @@ -1873,7 +1873,7 @@ Keys on secure buffer: alt+v toggle values When a passphrase is used (data encrypted), it is asked by WeeChat on startup. -It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_file to read the passphrase from a file (see /help sec.crypt.passphrase_file). +It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command). Secured data with format ${sec.data.xxx} can be used in: - command /eval @@ -1884,6 +1884,8 @@ Secured data with format ${sec.data.xxx} can be used in: Examples: set a passphrase: /secure passphrase this is my passphrase + use program "pass" to read the passphrase on startup: + /set sec.crypt.passphrase_command "pass show weechat/passphrase" encrypt freenode SASL password: /secure set freenode mypassword /set irc.server.freenode.sasl_password "${sec.data.freenode}" diff --git a/doc/it/includes/autogen_user_options.it.adoc b/doc/it/includes/autogen_user_options.it.adoc index 9a8d27a16..a7c74624c 100644 --- a/doc/it/includes/autogen_user_options.it.adoc +++ b/doc/it/includes/autogen_user_options.it.adoc @@ -16,8 +16,8 @@ ** valori: sha224, sha256, sha384, sha512 ** valore predefinito: `+sha256+` -* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file* -** descrizione: pass:none[path to a file containing the passphrase to encrypt/decrypt secured data; this option is used only when reading file sec.conf; only first line of file is used; this file is used only if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); security note: it is recommended to keep this file readable only by you and store it outside WeeChat home (for example in your home); example: "~/.weechat-passphrase"] +* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command* +** descrizione: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"] ** tipo: stringa ** valori: qualsiasi stringa ** valore predefinito: `+""+` diff --git a/doc/it/weechat_user.it.adoc b/doc/it/weechat_user.it.adoc index c685072e9..c4df291f2 100644 --- a/doc/it/weechat_user.it.adoc +++ b/doc/it/weechat_user.it.adoc @@ -2362,11 +2362,26 @@ but highly recommended, otherwise data is stored as plain text in file. /secure passphrase this is my passphrase ---- -When a passphrase is set, WeeChat will ask you to enter it on startup (but not -on `/upgrade`). +// TRANSLATION MISSING +===== Passphrase on startup + +When a passphrase is set, WeeChat will ask you to enter it on startup +(but not on `/upgrade`). + +If you are using a password manager, you can run an external program to read +the passphrase instead of having to type it manually on WeeChat startup. + +For example with password-store (command `pass`): + +---- +/set sec.crypt.passphrase_command "pass show weechat/passphrase" +---- -You can change this behavior and use a file with the passphrase (see option -<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>). +The program may ask you unlock your GPG key or enter another passphrase to +read the secret. WeeChat will wait for the end of the command to read the +passphrase on the standard output (it must be on the first line without any +extra character). + +If the output contains no passphrase or if it is wrong, WeeChat will then ask +you to enter it. [[secured_data_encryption]] ===== Encryption diff --git a/doc/ja/includes/autogen_user_commands.ja.adoc b/doc/ja/includes/autogen_user_commands.ja.adoc index 7ed6214bf..36e67f1de 100644 --- a/doc/ja/includes/autogen_user_commands.ja.adoc +++ b/doc/ja/includes/autogen_user_commands.ja.adoc @@ -1860,37 +1860,39 @@ file: 保存する設定ファイル (拡張子 ".conf" は不要) set <name> <value> del <name> -passphrase: パスフレーズを変更 (パスフレーズがない場合、sec.conf ファイルに平文でデータを保存します) - -delete: パスフレーズを削除 - decrypt: 暗号化されているデータを復号化 (起動時にパスフレーズが設定されていない場合に起きます) - -discard: 全ての暗号化データを破棄 - set: 保護データを追加または変更 - del: 保護データを削除 +passphrase: change the passphrase (without passphrase, data is stored as plain text in file sec.conf) + -delete: delete passphrase + decrypt: decrypt data still encrypted (it happens only if passphrase was not given on startup) + -discard: discard all data still encrypted + set: add or change secured data + del: delete secured data -引数がない場合、新しいバッファに保護データを表示します。 +Without argument, this command displays secured data in a new buffer. -保護バッファ内で利用可能なキー: - alt+v 値を切り替えます +Keys on secure buffer: + alt+v toggle values -パスフレーズを利用する場合 (データが暗号化されている場合)、WeeChat は起動時にパスフレーズを尋ねます。 -入力を回避するには、環境変数 "WEECHAT_PASSPHRASE" を利用するか (WeeChat は /upgrade の時に同じ変数を利用します)、sec.crypt.passphrase_file オプションを設定してファイルからパスフレーズを読み込みます (/help sec.crypt.passphrase_file を参照してください)。 +When a passphrase is used (data encrypted), it is asked by WeeChat on startup. +It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command). -${sec.data.xxx} の形で書かれた保護データは以下の様に利用できます: - - /eval コマンド - - コマンドライン引数 "--run-command" - - weechat.startup.command_{before|after}_plugins オプション - - パスワードや機密データを含むと思われるその他のオプション (例えば、プロキシ、irc サーバ、リレー); 保護データが評価されるかを確認するには各オプションの /help を参照してください。 +Secured data with format ${sec.data.xxx} can be used in: + - command /eval + - command line argument "--run-command" + - options weechat.startup.command_{before|after}_plugins + - other options that may contain a password or sensitive data (for example proxy, irc server and relay); see /help on the options to check if they are evaluated. -例: - パスフレーズを設定: +Examples: + set a passphrase: /secure passphrase this is my passphrase - freenode の SASL パスワードを暗号化: + use program "pass" to read the passphrase on startup: + /set sec.crypt.passphrase_command "pass show weechat/passphrase" + encrypt freenode SASL password: /secure set freenode mypassword /set irc.server.freenode.sasl_password "${sec.data.freenode}" - oftc の nickserv 用パスワードを暗号化: + encrypt oftc password for nickserv: /secure set oftc mypassword /set irc.server.oftc.command "/msg nickserv identify ${sec.data.oftc}" - ニックネーム "mynick" を取り戻すためのエイリアス ghost を設定 + alias to ghost the nick "mynick": /alias add ghost /eval /msg -server freenode nickserv ghost mynick ${sec.data.freenode} ---- diff --git a/doc/ja/includes/autogen_user_options.ja.adoc b/doc/ja/includes/autogen_user_options.ja.adoc index 68df967e2..d66608719 100644 --- a/doc/ja/includes/autogen_user_options.ja.adoc +++ b/doc/ja/includes/autogen_user_options.ja.adoc @@ -16,8 +16,8 @@ ** 値: sha224, sha256, sha384, sha512 ** デフォルト値: `+sha256+` -* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file* -** 説明: pass:none[保護データを暗号化/複合化するためのパスフレーズを保存したファイルパス; このオプションは sec.conf ファイルを読むときだけに利用されます; ファイルの 1 行目だけが利用されます; このファイルは環境変数 "WEECHAT_PASSPHRASE" が設定されていないときだけに利用されます (環境変数のほうが優先順位が高いです); セキュリティ上の注意: このファイルを自分だけが読み込める状態にし、WeeChat ホームの外 (例えば自分のホームディレクトリ) に保存しておくことを推奨します; 例: "~/.weechat-passphrase"] +* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command* +** 説明: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"] ** タイプ: 文字列 ** 値: 未制約文字列 ** デフォルト値: `+""+` diff --git a/doc/ja/weechat_user.ja.adoc b/doc/ja/weechat_user.ja.adoc index ed13f719d..fa8a5961e 100644 --- a/doc/ja/weechat_user.ja.adoc +++ b/doc/ja/weechat_user.ja.adoc @@ -2244,11 +2244,26 @@ _sec.conf_ /secure passphrase this is my passphrase ---- -パスフレーズを設定した場合、WeeChat -の起動時にパスフレーズの入力が求められるようになります (`/upgrade` 時には求められません)。 +// TRANSLATION MISSING +===== Passphrase on startup + +When a passphrase is set, WeeChat will ask you to enter it on startup +(but not on `/upgrade`). + +If you are using a password manager, you can run an external program to read +the passphrase instead of having to type it manually on WeeChat startup. + +For example with password-store (command `pass`): + +---- +/set sec.crypt.passphrase_command "pass show weechat/passphrase" +---- -この挙動を変更し、パスフレーズを保存したファイルを使うことも可能です -(<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>> オプションを参照してください)。 +The program may ask you unlock your GPG key or enter another passphrase to +read the secret. WeeChat will wait for the end of the command to read the +passphrase on the standard output (it must be on the first line without any +extra character). + +If the output contains no passphrase or if it is wrong, WeeChat will then ask +you to enter it. [[secured_data_encryption]] ===== 暗号化 diff --git a/doc/pl/includes/autogen_user_commands.pl.adoc b/doc/pl/includes/autogen_user_commands.pl.adoc index 02f3dd315..f335ad3c0 100644 --- a/doc/pl/includes/autogen_user_commands.pl.adoc +++ b/doc/pl/includes/autogen_user_commands.pl.adoc @@ -1859,38 +1859,40 @@ Domyślnie zapisywane na dysku są wszystkie pliki konfiguracyjne podczas wykony set <nazwa> <wartość> del <nazwa> -passphrase: zmienia hasło (bez hasła dane są przechowywane w postaci tekstu w pliku sec.conf) - -delete: kasuje hasło - decrypt: rozszyfrowuje dane będące ciągle zaszyfrowane (zdarza się to tylko jeśli hasło nie zostało podane przy uruchomieniu) - -discard: odrzuca wszystkie nadal zaszyfrowane dane - set: dodaje lub zmienia zaszyfrowane dane - del: kasuje zaszyfrowane dane - -Bez argumentu, komenda wyświetli zabezpieczone dane w nowym buforze. - -Kombinacje klawiszy w bezpiecznym buforze: - alt+v przełącza wartości - -Jeśli używane jest hasło (dane zaszyfrowane), należy je podać podczas startu WeeChat. -Jest możliwe ustawienie zmiennej środowiskowej "WEECHAT_PASSPHRASE", aby nie podawać hasła przy uruchomieniu (ta sama zmienna jest używana przez WeeChat podczas wykonywania /upgrade). - -Zabezpieczone dane w formacie ${sec.data.xxx} można użyć w: - - komendzie /eval - - argumencie w linii poleceń "--run-command" - - opcjach weechat.startup.command_{before|after}_plugins - - innych opcjach, które mogą zawierać hasło lub wrażliwe dane (na przykład proxy, serwer irc i relay); zobacz /help na opcjach żeby sprawdzić czy są przetwarzane. - -Przykłady: - ustawienie hasła: - /secure passphrase to jest moje hasło - zaszyfrowanie hasła dla freenode SASL: - /secure set freenode mojehasło +passphrase: change the passphrase (without passphrase, data is stored as plain text in file sec.conf) + -delete: delete passphrase + decrypt: decrypt data still encrypted (it happens only if passphrase was not given on startup) + -discard: discard all data still encrypted + set: add or change secured data + del: delete secured data + +Without argument, this command displays secured data in a new buffer. + +Keys on secure buffer: + alt+v toggle values + +When a passphrase is used (data encrypted), it is asked by WeeChat on startup. +It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command). + +Secured data with format ${sec.data.xxx} can be used in: + - command /eval + - command line argument "--run-command" + - options weechat.startup.command_{before|after}_plugins + - other options that may contain a password or sensitive data (for example proxy, irc server and relay); see /help on the options to check if they are evaluated. + +Examples: + set a passphrase: + /secure passphrase this is my passphrase + use program "pass" to read the passphrase on startup: + /set sec.crypt.passphrase_command "pass show weechat/passphrase" + encrypt freenode SASL password: + /secure set freenode mypassword /set irc.server.freenode.sasl_password "${sec.data.freenode}" - zaszyfrowanie hasła dla nickserva na serwerze oftc: - /secure set oftc mojehasło + encrypt oftc password for nickserv: + /secure set oftc mypassword /set irc.server.oftc.command "/msg nickserv identify ${sec.data.oftc}" - alias dla polecenia ghost dla nicka "mójnick": - /alias ghost /eval /msg -server freenode nickserv ghost mójnick ${sec.data.freenode} + alias to ghost the nick "mynick": + /alias add ghost /eval /msg -server freenode nickserv ghost mynick ${sec.data.freenode} ---- [[command_weechat_set]] diff --git a/doc/pl/includes/autogen_user_options.pl.adoc b/doc/pl/includes/autogen_user_options.pl.adoc index 154756209..dc4ebfbb3 100644 --- a/doc/pl/includes/autogen_user_options.pl.adoc +++ b/doc/pl/includes/autogen_user_options.pl.adoc @@ -16,8 +16,8 @@ ** wartości: sha224, sha256, sha384, sha512 ** domyślna wartość: `+sha256+` -* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file* -** opis: pass:none[ścieżka do pliku zawierającego hasło do szyfrowania/rozszyfrowywania zabezpieczonych danych; opcja ta jest używana tylko podczas odczytu pliku sec.conf; używana jest tylko pierwsza linia z tego pliku; plik jest używany tylko jeśli zmienna środowiskowa "WEECHAT_PASSPHRASE" nie została ustawiona (zmienna środowiskowa ma najwyższy priorytet); uwaga bezpieczeństwa: zaleca się trzymanie tego pliku poza katalogiem domowym WeeChat (np. w katalogu domowym) i nadanie mu praw do odczytu tylko przez siebie; przykład: "~/.weechat-passphrase"] +* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command* +** opis: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"] ** typ: ciąg ** wartości: dowolny ciąg ** domyślna wartość: `+""+` diff --git a/doc/pl/weechat_user.pl.adoc b/doc/pl/weechat_user.pl.adoc index bb878d30e..f3043c789 100644 --- a/doc/pl/weechat_user.pl.adoc +++ b/doc/pl/weechat_user.pl.adoc @@ -2213,11 +2213,26 @@ zwykły tekst. /secure passphrase to jest moje hasło ---- -Kiedy hasło jest ustawione, WeeChat poprosi o jego podanie przy uruchomieniu -(ale nie podczas `upgrade`). +// TRANSLATION MISSING +===== Passphrase on startup + +When a passphrase is set, WeeChat will ask you to enter it on startup +(but not on `/upgrade`). + +If you are using a password manager, you can run an external program to read +the passphrase instead of having to type it manually on WeeChat startup. + +For example with password-store (command `pass`): + +---- +/set sec.crypt.passphrase_command "pass show weechat/passphrase" +---- -Możesz zmienić to zachowanie i użyć pliku z zapisanym hasłem (zobacz opcję -<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>). +The program may ask you unlock your GPG key or enter another passphrase to +read the secret. WeeChat will wait for the end of the command to read the +passphrase on the standard output (it must be on the first line without any +extra character). + +If the output contains no passphrase or if it is wrong, WeeChat will then ask +you to enter it. [[secured_data_encryption]] ===== Szyfrowanie |