How a Developer-Focused Password Manager Can Secure SSH Keys and API Tokens

A developer writing for DEV Community argues that switching to a developer-first password manager like 1Password transformed their workflow beyond simple login storage. The tool manages SSH keys, API tokens, and database URLs, with an SSH agent that keeps private keys off disk entirely. Using the CLI tool 'op run', environment files store only vault references rather than real credentials, which are injected at runtime and discarded when the process ends. The setup also enables Git commit signing via SSH keys already stored in the vault, requiring just three shell commands. The author notes a security benefit: malicious npm post-install scripts that scan for plaintext credentials in common directories would find nothing, eliminating one of the most common attack vectors.
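A pre-commit style check for the env-file arrangement described above, as an added example that is not code from the original article or from 1Password: it flags dotenv entries that still hold a plaintext credential instead of a vault reference. It assumes references use the `op://vault/item/field` form; the variable-name heuristic and all sample values are constructed for illustration.

```python
import re

# Assumption: vault references look like op://vault/item/field
# (optionally op://vault/item/section/field).
OP_REF = re.compile(r"^op://[^/\s]+/[^/\s]+(/[^/\s]+){1,2}$")
# Hypothetical heuristic: variable names that usually hold credentials.
SECRET_NAME = re.compile(r"(KEY|TOKEN|SECRET|PASSWORD|PASSWD|DATABASE_URL|DSN)", re.I)
# Credentials embedded in a URL, e.g. scheme://user:password@host/...
URL_CREDS = re.compile(r"^[a-z][a-z0-9+.-]*://[^/\s:@]+:[^/\s@]+@", re.I)

def parse_env(text):
    """Yield (lineno, name, value) for each assignment in a dotenv-style file."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("export "):
            line = line[len("export "):].lstrip()
        name, sep, value = line.partition("=")
        if not sep:
            continue
        value = value.strip()
        # Strip one pair of matching surrounding quotes.
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        yield lineno, name.strip(), value

def audit_env(text):
    """Return [(lineno, name)] for entries that store a plaintext credential."""
    findings = []
    for lineno, name, value in parse_env(text):
        if not value or OP_REF.match(value):
            continue  # empty, or a well-formed vault reference
        if SECRET_NAME.search(name) or URL_CREDS.match(value):
            findings.append((lineno, name))
    return findings

# Constructed sample input; none of these values are real.
SAMPLE_ENV = """\
# constructed sample
NODE_ENV=development
API_TOKEN="op://dev/example-api/token"
DATABASE_URL=postgres://app:constructed-password@db.internal:5432/app
export PAYMENT_SECRET_KEY=constructed-not-a-real-key
CACHE_URL=redis://localhost:6379/0
PORT=3000
"""

if __name__ == "__main__":
    for lineno, name in audit_env(SAMPLE_ENV):
        print(f"line {lineno}: {name} holds a plaintext value, not a vault reference")
```

A malformed reference such as `op://dev` is treated as plaintext, so a typo in a reference is reported rather than silently passed.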

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.
