Topic "Improving PuTTY integration security"

Author Message
raina
[View user's profile]

Joined: 2012-10-02
Posts: 4
Location: Finland
Running Process Explorer, I just noticed that the way session password is remembered and passed to PuTTY, is through the command line and thus shown in PE's Command Line column in plaintext. Shocked

I enjoy the convenience of this feature but knowing what I now know, I'll have to give up using it. Is there another, more secure way to have the password remembered? Because if not, there should at least be a big fat warning in WinSCP when you're enabling "Remember session password and pass it to PuTTY (SSH)".
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24555
Location: Prague, Czechia
This is documented here:
http://winscp.net/eng/docs/security_credentials#putty_password

I have also added mention here now:
http://winscp.net/eng/docs/ui_pref_integration_app#other_options
_________________
Martin Prikryl
raina
[View user's profile]

Joined: 2012-10-02
Posts: 4
Location: Finland
Ah, should have R'd TFM. Rolling Eyes

Anyway, thanks for pointing me towards public key authentication.
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License