I have Ubuntu 22.04.4 LTS distro on my WSL2 (hosted on my Windows 11 23H2 x64 Pro). #1810

Open
sa4423085 opened this issue Jan 20, 2025 · 1 comment


@sa4423085

I have Ubuntu 22.04.4 LTS distro on my WSL2 (hosted on my Windows 11 23H2 x64 Pro).
And I need to securely and persistently store credentials in a non-interactive manner (without any user prompt).
Secret Service API definitely requires a GUI, Git credential cache is not persistent, plaintext files are not secure at all.
I've tried to use GPG/pass compatible files store. But if I set a passphrase for a generated GPG key a prompt starts to open in WSL2 terminal window (or in a GUI window if Seahorse is installed):
So GPG/pass compatible files don't require any interaction only if GPG key has no passphrase? No other options available on Linux?

Originally posted by @bairog in #1680

@becm

becm commented Jan 22, 2025

Same issue regarding passphrase on keys would also apply to SSH authentication.
On regular Linux, data at rest is covered by file system encryption.
As soon as something runs in the same context as the user, protecting locally stored secrets without additional unlock steps is close to impossible to do correctly.

If you trust your Windows system and have Git installed there as well, you can redirect to its GCM credential store.
Which (also) shows there is no just obscurity in accessing data in the same user context (not real security).
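
The redirect to the Windows-side GCM suggested in the comment above, as an added example that is not part of the original thread or the project's own code. The candidate paths are assumptions (default Git for Windows and standalone GCM install locations under `/mnt/c`), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: point Git inside WSL at a Git Credential Manager installed
# on the Windows host, so secrets are kept by the Windows-side store.
# Assumption: Windows drive C: is mounted at /mnt/c and GCM sits in one of
# the default install locations listed below.

# Print the first GCM executable found under the given mount root.
find_windows_gcm() {
    root="${1:-/mnt/c}"
    for rel in \
        "Program Files/Git/mingw64/bin/git-credential-manager.exe" \
        "Program Files/Git/mingw64/bin/git-credential-manager-core.exe" \
        "Program Files (x86)/Git Credential Manager/git-credential-manager.exe"
    do
        if [ -f "$root/$rel" ]; then
            printf '%s\n' "$root/$rel"
            return 0
        fi
    done
    return 1
}

# Git hands an absolute-path helper value to the shell, so spaces and
# parentheses in the Windows path must be backslash-escaped.
helper_value() {
    printf '%s\n' "$1" | sed 's/[ ()]/\\&/g'
}

# Locate GCM and write it into the user's global Git configuration.
configure_helper() {
    gcm="$(find_windows_gcm "${1:-}")" || {
        echo "no Windows-side GCM found" >&2
        return 1
    }
    git config --global credential.helper "$(helper_value "$gcm")"
}

# Only change the Git configuration when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
    configure_helper
fi
```

Run the script with `--apply` to set the helper, then check the result with `git config --global --get credential.helper`.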
