Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remember instance password across different browser sessions #102

Open
hwittenborn opened this issue Aug 10, 2022 · 3 comments
Open

Remember instance password across different browser sessions #102

hwittenborn opened this issue Aug 10, 2022 · 3 comments

Comments

@hwittenborn
Copy link

Hi! Would there be any way for Sshwifty to remember the password/token used to log in to the instance across different browser sessions? I have a fairly complicated password on my instance and having to type it in every single time (even on things like a page refresh) is quite tedious, and it would help tremendously if Sshwifty just remembered a token after entering a password for the first time.

@nirui
Copy link
Owner

nirui commented Aug 10, 2022

Hi :D

But bad news first: currently, Sshwifty does not save user login credentials on to the disk.

Sshwifty will remember the password until the page is reloaded (refreshed). For security reasons, the records are saved in memory and will not be available for the later sessions.

Before the page is reloaded however, you can directly reuse previous login parameters by simply selecting the connection record under the Known Remote list. The login process in this case should be completely automatic without the need of user input (until the page is reloaded that is) .

@hwittenborn
Copy link
Author

Sshwifty will remember the password until the page is reloaded (refreshed). For security reasons, the records are saved in memory and will not be available for the later sessions.

It makes sense that things like SSH keys or other details to connect to servers would be kept in memory, but would it be possible to make it to where the password itself for the instance could persist past that, even if had to be enabled by a config option?

I just want the password to be stored so I don't have to retype it, it would be fine by me if the client still had to authenticate with the stored password and retrieve details on available servers every time, since that would be done in the background with no user intervention anyway, right?

@nirui
Copy link
Owner

nirui commented Aug 10, 2022

Web browser is a dynamic and complex environment. Data stored inside a web browser might be accessible not only by Sshwifty, but also by extensions, injected scripts and services hosted under the same hostname (if the user hosts their instance in this manner).

Because of that, I don't think it is responsible for me to enable such feature knowing some users might upload their secret password and/or private key to the web page to be stored in long-term. Sorry, I'm afraid I cannot do that at my end since it effects too many users :(

If you got really annoyed by this behavior, please consider switch to Private Key authentication method by creating a SSH key pair to be used specifically in Sshwifty. That way, you only need to load a file instead of typing the password.

And if that's not an option, you can modify the software to add credential data as part of data stored in persistent storage (here is an example on how it's done).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants