This repository has been archived by the owner on May 18, 2021. It is now read-only.

Passphrase Request should be suppressed when not entered during profile setup #302

Closed
ankitforcode opened this issue Oct 7, 2020 · 2 comments

Comments

@ankitforcode

When using exec, the passphrase request should be suppressed, since this is an optional input during the profile setup.

ubuntu@dev:~$ aws-okta exec dev -- aws s3 ls
Enter passphrase to unlock /home/<user>/.aws-okta/:
@nickatsegment
Contributor

This is basically a limitation of one of our dependencies: https://github.com/99designs/keyring/blob/master/file.go#L71

In order to check if your passphrase is "", it would have to just try decrypting. Which I suppose it could, but then why bother encrypting at all?

Really what you want is an unencrypted backend for keyring. While I can see how this would be convenient, it opens you up to security problems. Namely any other process on your computer that can read your home directory (root, malware) could pilfer your Okta creds from the file, or run aws-okta with your creds without you knowing it. Which is also true of the file backend with a "" passphrase, but at least then the malware has to attempt decrypting and the creds/session tokens aren't sitting there in cleartext.

Anyway, #278 and this is a new feature/behavioural change so it won't be accepted.

@arohter

arohter commented Dec 9, 2020

You might be interested in our workaround: TiVo#1
