Forum / Remote Desktop Manager - Support

Hide passwords in auto connect macros

  • Create an Issue
  • Cancel

Hi,

We have some SSH sessions we want to configure with a generic non-privileged user and use a macro to send sudo and then the password. I've been able to do that using $PASSWORD$ and $MACRO_PASSWORD$. When using $MACRO_PASSWORD$ for some reason sometimes the password is visible in the SSH console, others not, not sure why.

To be specific I'm using this within the SSH Shell session, in Events - After connect - After connect-Macro:

sudo -s{ENTER}{DELAY}$MACRO_PASSWORD${ENTER}

I would like to know if is possible to hide the password, like with SecureCRT in the "Logon Actions".


Thanks and regards,

Clock2 yrs

Do you have example of how it's done in SecureCRT?

Regards

David Hervieux

signaturesignature

Clock2 yrs

Hello David,

I take a look at the "Logon Actions" of Secure CRT and this window Expect a "field" and the Send option send proper value. So you are able to be sure the Password is send only if Password: is the text before.

Secure+CRT+Logon+Actions

Is this what you are talking about?

Best regards,



David Grandolfo

signaturesignature

Secure_CRT_Logon_Actions.png
Clock2 yrs

Hello,

What I'm most interested in is the "hide" feature you can see in the screenshot, so when the password is sent it's not visible in the SSH session. Currently it is visible and from the security standpoint is not ideal. There is right now any way of doing this?

An "expect" feature waiting for a specific string before doing an action is nice to have, but for the moment I can add more delay to the macro in order to let the system enough time to respond.

Thanks.

Clock2 yrs

Hi David,

Just for your information I investigate the "Hide" feature and this is only a Hide for the current window. It doesn't hide the value when you send it. On your current scenario the password is hidden because the SSH field is a hidden field.

If you check "Hide" for another Expect, you will be able to see it in SSH connection.

I could understand that if the password is still sending in clear text, by using a Expect value and being sure the value is an SSH hidden value it more secure to reduce the possibility that the user is able to view the password.

Before opening a ticket with the engineering department could you confirm if Secure CRT feature answer the needs?

Best regards,



David Grandolfo

signaturesignature

Clock2 yrs

Hi David,

You are right, if the delays are properly defined in the macro so RDM sends the password after it's asked, the password will not be visible. This explains why sometimes works and others not.

I confirm the need. Definetively being able to use a expect value would help to improve the security.

Thank you very much.

Clock2 yrs

Hi,

I just open a ticket (WIN-1336), as soon as I have news we inform you.

Best regards,



David Grandolfo

signaturesignature

Clock2 yrs

Hi gentlemen,

Is there any news about this improvement? Do you have any estimated date?

Thank you very much.

Clock11 mths

Hi David,

This feature is still on our to do list.

Incidentally, we cannot provide a timeline for its delivery.

Best regards,



David Grandolfo

signaturesignature

Clock11 mths

Ok, thank you.

Clock11 mths


Hello! The feature should be out with our latest beta version (currently available for download). We apologize for the delay and thank you for your patience.

Regards,


Jafran Majeau

signaturesignature

Clock3 mths