I have setup a password protected repository server hosting few deb packages for my application. The repository works well and I am able to install packages on the client VMs(Ubuntu 22.04) once the repository is added in the /etc/apt/sources.list.d/app.list, credentials in /etc/apt/auth.conf.
But the problem is the credentials for the repository stored in /etc/apt/auth.conf are in cleartext and I don't want to expose the credentials to the user.
What are the possible ways to secure my password in this scenario?
I have tried encrypting the folder, storing a hashed password in the file but apparently apt requires passwords to be in cleartext.
Any direction is much appreciated!!