Question 1

How do I set up git-crypt to encrypt a file?

Accepted Answer

Run 'git-crypt init' in your repository, then add rules to .gitattributes for files to encrypt, like '*.key filter=git-crypt diff=git-crypt'. Ensure .gitattributes is not encrypted and rules are in place before adding sensitive files.

Question 2

git-crypt vs git-remote-gcrypt: which should I use?

Accepted Answer

Use git-crypt for selectively encrypting a few files in a mostly public repo. For encrypting entire repositories, git-remote-gcrypt is more appropriate, but note that git-crypt's README does not endorse its security and recommends it only for full-repo encryption.

Question 3

Can I revoke someone's access to encrypted files in git-crypt?

Accepted Answer

No, git-crypt does not support revoking access or key rotation. Once a user has the key, they can access all historical encrypted data, and there's no built-in command to remove users, as discussed in the Limitations.

Question 4

Does git-crypt work with GitHub Desktop or other git GUIs?

Accepted Answer

It may not work reliably with some GUIs like Atlassian SourceTree and GitHub for Mac. Files might remain unencrypted, so command-line usage is recommended for safety, per the README warnings.

Question 5

How to apply patches to encrypted files in git-crypt?

Accepted Answer

You cannot use standard git-apply on encrypted patches. Generate encrypted patches with 'git diff --no-textconv --binary', or apply plaintext patches outside git using the patch command, as specified in the Limitations.

Question 6

Is git-crypt secure for storing passwords in git?

Accepted Answer

Yes, it uses AES-256 encryption with strong security guarantees, but ensure the entire repository is protected against tampering, as .gitattributes files can be altered to disable encryption, requiring additional integrity measures.

git-crypt

What is git-crypt?

Overview

Use Cases

Best For

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions