Extension Name
This extension is/is not distributed with Mercurial.
Author: Marcin Kasperski
Download site: http://bitbucket.org/Mekk/mercurial_keyring/
Overview
Keyring extension uses services of the keyring library to securely save authentication passwords (HTTP/HTTPS at the moment, SMTP passwords are considered) using system specific password database (Gnome Keyring, KDE KWallet, OSXKeyChain, dedicated solutions for Win32 and command line).
What it does
The extension prompts for the password on the first pull/push (just like it is done by default), but saves the given password (keyed by the combination of username and remote repository url) in the password database. On the next run it checks for the username in .hg/hgrc, then for suitable password in the password database, and uses those credentials if found.
In case password turns out incorrect (either because it was invalid, or because it was changed on the server) it just prompts the user again.
Installation
Install the keyring library:
easy_install keyring
(or use any other method to install it from PIP)
Then download mercurial_keyring.py and save it anywhere on the system (preferably in hgext directory).
Configuration
Configure your .hgrc to enable the extension by adding following lines:
[extensions] hgext.mercurial_keyring = /path/to/mercurial_keyring.py
The most appropriate password backend should usually be picked automatically, without configuration. Still, if necessary, it can be configured using ~/keyringrc.cfg file (keyringrc.cfg in the home directory of the current user). Refer to keyring docs for more details.
I considered handling similar options in hgrc, but decided that single person may use more than one keyring-based script. Still, I am open to suggestions.
Repository configuration
Edit repository-local .hg/hgrc and save there the remote repository path and the username, but do not save the password. For example:
[paths] myremote = https://my.server.com/hgrepo/someproject [auth] myremote.schemes = http https myremote.prefix = my.server.com/hgrepo myremote.username = mekk
Simpler form with url-embedded name can also be used:
[paths] bitbucket = https://User@bitbucket.org/User/project_name/
Note: if both username and password are given in .hg/hgrc, extension will use them without using the password database. If username is not given, extension will prompt for credentials every time, also without saving the password. So, in both cases, it is effectively reverting to the default behaviour.
Usage
Configure the repository as above, then just pull and push. You should be asked for the password only once (per every username+remote_repository_url combination).