
Robomongo stored Passwords in plain text #731

Open
UltimateFighter opened this issue Jan 8, 2015 · 23 comments

Comments

@UltimateFighter commented Jan 8, 2015

In the file robomongo.json all passwords are stored in plain text.

For that reason I must uninstall robomongo now!!!

@stennie (Contributor) commented Jan 9, 2015

@UltimateFighter Thanks for the feedback. Do you have any suggestions on how to store the password data... or should there be an option to prompt for each new connection (similar to #609)?

Ultimately any application that saves credentials will be as vulnerable as the configuration of your client environment.

@UltimateFighter (Author) commented Jan 9, 2015

Encryption!?

@wienczny commented Jan 27, 2015

@UltimateFighter Which encryption algorithm do you suggest? Requirements are simple:

  1. Robomongo can encrypt/decrypt it.
  2. An attacker who has access to the configuration and robomongo can't decrypt it.

@gavruk (Contributor) commented Feb 26, 2015

This can be solved by setting up a master password and requiring it every time you open Robomongo.

@spamguy commented Mar 1, 2015

+1ing. I found my SSH passphrase in plaintext just now. I dunno about other OSes, but as for OSX, perhaps Keychain integration?

https://developer.apple.com/library/ios/documentation/Security/Conceptual/keychainServConcepts/01introduction/introduction.html

@thinklinux commented Mar 1, 2015

+1 for keychain integration. GitHub did that for HTTPS. For Linux there is Gnome Keyring.

@markstos commented Mar 4, 2015

+1 for Keychain integration. Or Keepass2 integration

@stennie stennie added this to the Robomongo 0.9.0 milestone Mar 12, 2015
@H-Max commented Jun 26, 2015

+1 for keychain integration

@wyardley commented Nov 25, 2015

Storing the password / passphrase in the clear is bad. It's also bad that the UI displays the SSH passphrase (in the SSH tab) in cleartext when it's entered.

I realize that this is platform specific, and would be harder to implement, but in the Mac OS X build (and the Windows build, for that matter), the program should ideally use the OS-specific features that already exist for this (Keychain in OS X; additionally, the built-in ssh-agent functionality in OS X rather than hard-coding the passphrase in the client).

@synthomat (Contributor) commented Feb 26, 2016

Is this something that could be used?
https://github.com/frankosterfeld/qtkeychain

@anorsich (Contributor) commented Apr 19, 2016

@spamguy @wyardley Just wanted to let you know that we made a first step towards implementing that issue. In the latest 0.9.0 RC8 release we do not store the SSH key password in the robomongo config; instead, we ask for it every time a new SSH connection is initiated. You can read more in the following blog post.

Encryption of robomongo.config is planned for future releases.

@wyardley commented Apr 19, 2016

Thanks @anorsich
Allowing it to use an existing authentication socket would also seem to be a good idea that should work on multiple platforms, and would avoid having to know the key's passphrase.

@anorsich (Contributor) commented Apr 19, 2016

@wyardley Thanks for the suggestion! We did a great job re-working the SSH tunnel; our implementation allows us to control different settings, such as zipping and others. Robomongo stores a password anyway, so I don't think there is a real need to use an existing socket. If you already have a socket you can just use it for connections right away.

@wyardley commented Apr 19, 2016

@anorsich Are you saying that it will use $SSH_AUTH_SOCK or equivalent if it's defined?
I will test with the new version (which I think is new since I posted this). The notes at
http://blog.robomongo.org/robomongo-rc8/ say that (in the future) "Support for SSH agents will be implemented".
I will try to test rc8 when it becomes available.

@ghost commented Mar 5, 2017

You could use 256-aes-ctr with master password.

@markstos commented Mar 6, 2017

@tailot Where is the option to use 256-aes-ctr to encrypt the master password?

@ghost commented Mar 6, 2017

@markstos It has not been implemented yet. This is a proposal.

@simsekgokhan (Collaborator) commented Mar 9, 2017

@tailot, thanks a lot for the suggestion. We will consider it.

@simsekgokhan simsekgokhan removed this from the Robomongo 1.0 (Draft) milestone Jun 26, 2017
@nullv01d commented Jul 3, 2017

This is still a problem even in the latest version, robo3t 1.1.1. This is indeed a serious issue; is it being considered for future versions?

@KralMar commented Aug 14, 2017

Hi guys,

I just saw the removed flag on this issue.
Did you drop this proposal or did you just postpone it?

@davideanderson commented May 29, 2018

I think there should be an option to prompt for each connection, as I have other tools to manage and encrypt my passwords.

@simsekgokhan simsekgokhan self-assigned this Feb 19, 2019
@simsekgokhan (Collaborator) commented Feb 19, 2019

Hi all, we are very sorry for the long delay.
We have already started this task and as a first step from Robo 1.3 on, the passwords will be saved encrypted.

@Peter0x48 commented Mar 24, 2021

Hi,

Has this really been solved by using a static key for encryption which is stored alongside the config file? Or am I missing an important thing which makes this useful/secure?

Thanks,
Peter
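
Peter0x48's question and wienczny's requirement #2 both turn on where the decryption key comes from: a static key shipped beside the config is readable by anyone who can read the config, whereas a key derived from a master password that is never written to disk is not. As an added example that is not Robo 3T's code, the sketch below implements the master-password approach in Go: PBKDF2-HMAC-SHA256 over the master password plus a random per-file salt, and AES-256-GCM (chosen here instead of the unauthenticated AES-CTR proposed above, so a wrong password or a tampered file is rejected rather than yielding garbage). The file layout, the 100000 iteration count and the function names are this example's assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// pbkdf2SHA256 is PBKDF2-HMAC-SHA256 (RFC 8018) for one 32-byte output block; written out so the example stays on the standard library.
func pbkdf2SHA256(password, salt []byte, iter int) []byte {
	mac := hmac.New(sha256.New, password)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // block index 1, big-endian
	u := mac.Sum(nil)
	t := append([]byte(nil), u...)
	for i := 1; i < iter; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t
}

// aeadFor derives the AES-256-GCM key from the master password plus the per-file salt, so nothing stored beside the config is enough to decrypt it.
func aeadFor(master string, salt []byte) cipher.AEAD {
	block, _ := aes.NewCipher(pbkdf2SHA256([]byte(master), salt, 100000)) // 32-byte key: cannot fail; iteration count is an assumption, raise as hardware allows
	gcm, _ := cipher.NewGCM(block)                                         // AES block size: cannot fail
	return gcm
}
// EncryptConfig returns salt(16) || nonce(12) || ciphertext || GCM tag, with a fresh salt and nonce on every save (assumed layout).
func EncryptConfig(master string, plaintext []byte) ([]byte, error) {
	hdr := make([]byte, 28)
	if _, err := rand.Read(hdr); err != nil {
		return nil, err
	}
	return aeadFor(master, hdr[:16]).Seal(hdr, hdr[16:], plaintext, nil), nil
}
// DecryptConfig returns an error, not garbage, on a wrong master password or a tampered file (the GCM tag check fails).
func DecryptConfig(master string, blob []byte) ([]byte, error) {
	if len(blob) < 28 {
		return nil, errors.New("config blob too short")
	}
	return aeadFor(master, blob[:16]).Open(nil, blob[16:28], blob[28:], nil)
}
```

The master password still has to be prompted for on startup (as gavruk suggested), or fetched from an OS keychain; what the scheme buys is that the config file alone, together with the binary, no longer suffices.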

Projects: Robo 3T 1.3 (Awaiting triage)