You know what's really annoying about new people like me?
Always trying to improve things.
How about encrypted keys for logging into AUR, because the timeouts suck.
I have packages to contribute and no time to waste!
we can do it as art.archlinux.org does it, log in once and you're done
arch + gentoo + initng + python = enlisy
I haven't tried this, but is it possible to hijack someones package in the AUR, and put your own version out there?
That's why I'm thinking ssh keys. There is a clear warning about the stuff, and my assumption is that as soon as it gets certified that it has to be recertified if anything changes.
ssh keys? That is trying to use a mallet to fix broken glass. Wrong tool for the job.
Just use php session handling, and maybe hash the username and password and last ip address they used if you need such a thing. Then have it expire after a few days..or when the ip changes.
"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍