Reputation: 4523
Password decryption not supported on .NET Core for Windows?
I recently converted a private NuGet repository to require authentication.
To build a project that uses that repository, I added the authentication to the local NuGet.Config with NuGet Sources add -name [repo_name] -Source [source_url] -UserName [username] -Password [password].
I now get the following error when I try running dotnet restore:
Password decryption is not supported on .NET Core for this platform. The following feed uses an encrypted password: 'nuget-sdet'. You can use a clear text password as a workaround.
I know that this isn't supported on linux, but I'm running this on Windows Server 2012 R2.
This is running on a very old version of .NET Core: 1.0.0-preview2-003121.
Is password decryption supported on Windows for newer versions of .NET Core?
Or am I stuck between either storing the password in clear text or re-enabling anonymous access to the feed?
Upvotes: 26
Views: 18409
Answers (2)
Reputation: 6893
I have just came across to this issue on VS for Mac. Answers here are not really enlightening and microsoft documentation is unclear. The name --store-password-in-clear-text sounds like you have to store your repository password. Actually you can simply use an access token instead of your username.
For example on Azure Devops, you go to right-upper corner your account icon as in the image and select "Personal access tokens"
Then create a new access token by giving the permission Packing read
Copy your newly created access token use the command below using from the VS menu Tools->SDK Command Prompt
dotnet nuget add source https://myfeed/nuget/v3/index.json -n myFeed
-u usernamenotimportant -p yourtokencomeshere --store-password-in-clear-text
This command will update your nuget.config file which is found on the path ~/.nuget/Nuget/Nuget.config this path is important because this is the Nuget.Config file used and displayed by Nuget package manager in VS4Mac.
As mentioned here on the MS docu, other path there is the 2nd Nuget.Config ~/.config/NuGet/NuGet.Config that is not displayed by the Package Manager, i think that it is still used by MsBuild but not displayed. it will probably still work but can cause confusion as the Package Manager doesn't show your nuget source and your private packages.
Last point is, dont use Nuget CLI to add the source which is similar command like below
nuget add source https://myfeed/nuget/v3/index.json -name myFeed
-username usernamenotimportant -password yourtokencomeshere -StorePasswordInClearText
This command is updating the other Nuget.Config on the .config folder that wont be displayed by the VS for Mac.
So at the end only your Token is stored like below
<packageSourceCredentials>
<myFeed>
<add key="Username" value="myusername" />
<add key="ClearTextPassword" value="mytokencomeshere" />
</myFeed>
</packageSourceCredentials>
Upvotes: 1
Reputation: 161
In non windows OS you should add the suffix of --store-password-in-clear-text
to your add command.
As specified in the dotnet nuget add source article here
--store-password-in-clear-text
Enables storing portable package source credentials by disabling password encryption.
Upvotes: 14
Related Questions
- Unable to find Microsoft.Azure.Services.AppAuthentication on NuGet Packages
- .net core 2 user-secrets executable missing
- Decrypting FormsAuthentication.Encrypt in dotnet core
- Nuget restore fails with authentication
- Problem with restoring nuget packages with asp.net core 2.2
- Package Restore Failed / .Net Core Install Bug
- The decryption operation failed, see inner exception
- dotnet restore fails for private nuget packages
- .Net Core 2.0 Warning NU1603 during dotnet restore, problems with NuGet packages
- dotnet restore NuGet.Config environment variables for ClearTextPassword doesn't work