
Robomongo stored Passwords in plain text #731

Open
UltimateFighter opened this Issue Jan 8, 2015 · 22 comments

Comments

@UltimateFighter

UltimateFighter commented Jan 8, 2015

In the file robomongo.json all passwords are stored in plain text.

For that reason I must uninstall Robomongo now!!!

@stennie

Contributor

stennie commented Jan 9, 2015

@UltimateFighter Thanks for the feedback. Do you have any suggestions on how to store the password data... or should there be an option to prompt for each new connection (similar to #609)?

Ultimately any application that saves credentials will be as vulnerable as the configuration of your client environment.

@UltimateFighter

Author

UltimateFighter commented Jan 9, 2015

Encryption!?

@stennie stennie added the enhancement label Jan 25, 2015

@wienczny


wienczny commented Jan 27, 2015

@UltimateFighter Which encryption algorithm do you suggest? Requirements are simple:

  1. Robomongo can encrypt/decrypt it.
  2. An attacker who has access to the configuration and Robomongo can't decrypt it.

@gavruk

Contributor

gavruk commented Feb 26, 2015

This can be solved by setting up a master password and requiring it every time you open Robomongo.

@spamguy


spamguy commented Mar 1, 2015

+1ing. I found my SSH passphrase in plaintext just now. I dunno about other OSes, but as for OSX, perhaps Keychain integration?

https://developer.apple.com/library/ios/documentation/Security/Conceptual/keychainServConcepts/01introduction/introduction.html

@thinklinux


thinklinux commented Mar 1, 2015

+1 for keychain integration. GitHub did that for HTTPS. For Linux there is GNOME Keyring.

@markstos


markstos commented Mar 4, 2015

+1 for Keychain integration. Or Keepass2 integration

@stennie stennie added this to the Robomongo 0.9.0 milestone Mar 12, 2015

@H-Max


H-Max commented Jun 26, 2015

+1 for keychain integration

@wyardley


wyardley commented Nov 25, 2015

Storing the password / passphrase in the clear is bad. It's also bad that the UI displays the SSH passphrase (in the SSH tab) in cleartext when it's entered.

I realize that this is platform specific, and would be harder to implement, but in the Mac OS X build (and the Windows build, for that matter), the program should ideally use the OS-specific features that already exist for this (Keychain in OS X; additionally, the built-in ssh-agent functionality in OS X rather than hard-coding the passphrase in the client).

@synthomat

Contributor

synthomat commented Feb 26, 2016

Is this something that could be used?
https://github.com/frankosterfeld/qtkeychain

@anorsich

Contributor

anorsich commented Apr 19, 2016

@spamguy @wyardley Just wanted to let you know that we made a first step towards implementing that issue. In the latest 0.9.0 RC8 release we do not store an SSH key password in the Robomongo config; instead, we ask for it every time a new SSH connection is initiated. You can read more in the following blog post

Encryption of robomongo.config is planned for the future releases.

@wyardley


wyardley commented Apr 19, 2016

Thanks @anorsich
Allowing it to use an existing authentication socket would also seem to be a good idea that should work on multiple platforms, and would avoid having to know the key's passphrase.

@anorsich

Contributor

anorsich commented Apr 19, 2016

@wyardley Thanks for the suggestion! We did a great job re-working the SSH tunnel; our implementation allows us to control different settings, such as zipping and others. Robomongo stores a password in any way, so I don't think there is a real need to use an existing socket. If you already have a socket you can just use it for connections right away.

@wyardley


wyardley commented Apr 19, 2016

@anorsich Are you saying that it will use $SSH_AUTH_SOCK or equivalent if it's defined?
I will test with the new version (which I think is new since I posted this). The notes at:
http://blog.robomongo.org/robomongo-rc8/ say that (in the future) "Support for SSH agents will be implemented".
I will try to test RC8 when it becomes available.

@ghost


ghost commented Mar 5, 2017

You could use 256-aes-ctr with master password.
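
An added example, not Robomongo's code, of the master-password design discussed in this thread (wienczny's two requirements, gavruk's master-password prompt, and the AES-256-CTR proposal above): the secret stays unreadable to anyone who has only robomongo.json, and a wrong master password or a tampered file is rejected rather than decrypted to garbage. Assumptions: the config is a JSON object with a "password" field; since the Python standard library has no AES, the keystream is HMAC-SHA256 run in counter mode as a stand-in for AES-CTR, and an encrypt-then-MAC tag is added because bare CTR mode gives no integrity.

```python
# Added example (not Robomongo's code): protecting a stored password with a
# master password.  HMAC-SHA256 in counter mode stands in for AES-256-CTR,
# which the standard library does not provide.
import base64
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 100_000


def derive_keys(master_password, salt):
    """Stretch the master password into one encryption key and one MAC key."""
    km = hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"), salt,
                             PBKDF2_ITERATIONS, dklen=64)
    return km[:32], km[32:]


def _keystream(key, nonce, length):
    """Counter mode over a PRF: block i = HMAC(key, nonce || i)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), "sha256").digest()
        counter += 1
    return out[:length]


def encrypt_password(plain, master_password):
    """Return a JSON-serialisable record that only the master password unlocks."""
    salt, nonce = os.urandom(16), os.urandom(16)   # fresh per record
    enc_key, mac_key = derive_keys(master_password, salt)
    data = plain.encode("utf-8")
    ct = bytes(a ^ b for a, b in zip(data, _keystream(enc_key, nonce, len(data))))
    tag = hmac.new(mac_key, salt + nonce + ct, "sha256").digest()  # encrypt-then-MAC
    b64 = lambda b: base64.b64encode(b).decode("ascii")
    return {"kdf": "pbkdf2-sha256", "iter": PBKDF2_ITERATIONS, "salt": b64(salt),
            "nonce": b64(nonce), "ct": b64(ct), "tag": b64(tag)}


def decrypt_password(record, master_password):
    """Return the password, or None when the master password or file is wrong."""
    salt, nonce, ct, tag = (base64.b64decode(record[k])
                            for k in ("salt", "nonce", "ct", "tag"))
    enc_key, mac_key = derive_keys(master_password, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, "sha256").digest()
    if not hmac.compare_digest(expected, tag):
        return None  # wrong master password or tampered record: refuse, don't guess
    ks = _keystream(enc_key, nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks)).decode("utf-8")
```

The record dict is what would replace the plain "password" string in robomongo.json; the salt and nonce are public, only the master password is secret.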

@markstos


markstos commented Mar 6, 2017

@tailot Where is option to use 256-aes-ctr to encrypt the master password?

@ghost


ghost commented Mar 6, 2017

@markstos It has not been yet implemented. This is a proposal.

@simsekgokhan

Collaborator

simsekgokhan commented Mar 9, 2017

@tailot, thanks a lot for the suggestion. We will consider it.

@simsekgokhan simsekgokhan removed this from the Robomongo 1.0 (Draft) milestone Jun 26, 2017

@nullv01d


nullv01d commented Jul 3, 2017

This is still a problem even in the latest version robo3t 1.1.1. This is indeed a serious issue, is it being considered for future versions?

@KralMar


KralMar commented Aug 14, 2017

Hi guys,

I just saw the removed flag on this issue.
Did you drop this proposal or did you just postpone it?

@davideanderson


davideanderson commented May 29, 2018

I think there should be an option to prompt for each connection, as I have other tools to manage and encrypt my passwords.

@simsekgokhan simsekgokhan self-assigned this Feb 19, 2019

@simsekgokhan

Collaborator

simsekgokhan commented Feb 19, 2019

Hi all, we are very sorry for the long delay.
We have already started this task and as a first step from Robo 1.3 on, the passwords will be saved encrypted.
