Skip to content

Instantly share code, notes, and snippets.

@wicky-andrian

wicky-andrian/regenerate_credentials.md

Forked from db0sch/regenerate_credentials.md
Created June 30, 2020 06:01
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save wicky-andrian/03d6c54b6f29feb744b20859d6cb66c2 to your computer and use it in GitHub Desktop.
Save wicky-andrian/03d6c54b6f29feb744b20859d6cb66c2 to your computer and use it in GitHub Desktop.
Download ZIP
How to regenerate the master key for Rails 5.2 credentials
Raw
regenerate_credentials.md

If your master.key has been compromised, you might want to regenerate it.

No key regeneration feature at the moment. We have to do it manually.

  1. Copy content of original credentials rails credentials:show somewhere temporarily.
  2. Remove config/master.key and config/credentials.yml.enc
  3. Run EDITOR=vim rails credentials:edit in the terminal: This command will create a new master.key and credentials.yml.enc if they do not exist.
  4. Paste the original credentials you copied (step 1) in the new credentials file (and save + quit vim)
  5. Add and Commit the file config/credentials.yml.enc

Important

  • Make sure config/master.key is listed in .gitignore and NOT tracked by git.
  • The command EDITOR=vim rails credentials:edit might not work if you require credential value in some file (initializers or database.yml). I had the problem with devise.rb. I just uncommented the line secret_key = ... just the time to run the command to regenerate the credentials file, and then commented the line out again.
  • If you want to use Sublime to edit the credentials, you can replace the command EDITOR=vim rails credentials:edit by EDITOR="/Applications/Sublime\ Text.app/Contents/SharedSupport/bin/subl -w" rails credentials:edit

source: https://blog.eq8.eu/til/rails-52-credentials-tricks.html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment