WingNews logo WingNews
top | item 20121840

(no title)

rkudiyarov | 6 years ago

Yes, that is user's home directory, e.g., SSH keys in ~/.ssh are also plain text.

discuss

order

jamesponddotco|6 years ago

Not their passwords, tho. I am not trying to be difficult here, just trying to understand the reasoning behind leaving the passwords stored in plain text.

rkudiyarov|6 years ago

We found no way to store password somehow else as Keychains are platform specific, but we plan to add Keychain support in the future.

__david__|6 years ago

> …SSH keys in ~/.ssh are also plain text.

What? Mine aren't, nor have they ever been…

If you are storing ssh private keys on disk without a password you are doing something wrong.

icebraining|6 years ago

If someone can read the files in .ssh, chances are they can also add an alias to the ssh command that steals your passphrase. As for the "stolen laptop" scenario, whole disk encryption is preferable.