Topic "Do not show proxy password in full open command syntax suggestion"

Author Message
[View user's profile]

Joined: 2017-08-30
Posts: 1
Location: Egham
When connecting using a saved site the proxy password is displayed in plain text. (The site password is masked as per bug fix 1452.)

WinSCP version 5.9.6 and earlier.

Through the GUI create a site using a proxy server. When this is used in a script, a suggestion is logged that displays the plain-text proxy credentials.

Script command:
open user@host

Log file:
Script: In scripting you should not rely on saved sites, use this command instead:
Script: open sftp://user:maskedpassword@host/ -rawsettings ProxyMethod=2 ProxyHost="proxyhost" ProxyPort=proxyportnumber ProxyUsername="proxyusername" ProxyPassword="plaintextpassword"

Expected: proxy password is masked.
Even better, the ability to completely suppress the suggestion, since we deliberately use saved sites and this suggestion is logged for every connection.
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26705
Location: Prague, Czechia
Thanks for your suggestion.
Will see if more people ask for this.

You can post new topics in this forum


What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!


About donations

$9   $19   $49   $99

About donations


WinSCP Privacy Policy

WinSCP License