Package Manager supports the encryption of sensitive configuration options. For example,
Manifest.Password settings all support
plain text or encrypted values.
Encrypt a setting#
To encrypt a sensitive configuration setting, use the
rspm encrypt command. For example:
$ rspm encrypt << Encryption: Enter the plain text value below. << Qu0lI/gridhu85sqChwFtP2wFkqCcWt9owBpxFjAhKFaU2ZraBB2LM62Ieo=
Only settings that have the type of
rspm encrypt command creates a key file called
rstudio-pm.key at the specified
Server.EncryptionKeyPath location or
if left unspecified in the
key must not be deleted for the Package Manager server to properly read the configuration file.
It also needs to be owned by the same account that runs the Package Manager server, in most cases
this is the
Check the file permissions by running
ls -l /path/to/key/file. If the file is not
owned by the same user that runs Package Manager, change it by running
sudo chown [user-account] /path/to/key/file.
Note that the
PACKAGEMANAGER_ENCRYPTION_KEY environment variable can be used
to specify the encryption key to
rspm encrypt in place of the key file, which
may be preferable to managing the file directly in some cases.