Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > General

Reply
 
Thread Tools Display Modes
  #1  
Old 06-16-2011, 05:41 PM
maxg maxg is offline
Registered User
 
Join Date: Dec 2009
Posts: 22
SecureCRT wishlist: Secure configurations and portability across OSes

Just wanted to chime in to say thanks and make a couple of wishlist requests.

First, I'd love a feature that lets you enable a "master password". Upon enabling this setting, you'd be asked to enter a strong master password. Ideally, all of your sessions, configuration, keys (both public and private) would be encrypted with this password, and then when you start SecureCRT, you would be prompted for the password before you can access anything but maybe a "quick connect" dialog. I really like being able to save my passwords, but I don't like the idea of anyone being able to walk up to my computer and access all my servers!

This also ties into the next part; packaging up the configuration.

I regularly use multiple computers in a variety of locations (home, laptop, office, datacenter, etc). My SecureCRT sessions list has a massive number of entries and over the last 10 years that I've been using SCT, I've managed to configure everything just the way I like it. Trying to synchronize across machines (and now across operating systems as well!) is quite a nuisance.

Just the other day my main workstation died, and I realized I didn't have the IP addresses of a couple of my servers anywhere but in my SCT configuration!

In an ideal world, you'd be able to "Export Configuration" which would let you save a single encrypted (using a master password) file which you could then synchronize to a server/usb stick/whatever and then pop over to another computer, import the file, type in the password and magically all your settings, sessions, keys, etc are there.

This would be so great, and would really save me a large amount of time spent reconfiguring and copying settings around for SecureCRT.

The only issues I can think of off the top of my head would possibly be keymap conflicts, like wanting different keymaps based on if you are in windows/linux/mac os, otherwise this would be real handy for me.

Anyone else think so?
Reply With Quote
  #2  
Old 06-17-2011, 07:44 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,306
Hi maxg,

Thanks for the suggestions. I have created feature requests in our SecureCRT development database to add the ability to use a master password to encrypt the configuration folder, the ability to export the configuration folder with an option to encrypt it using a password. Should either feature be implemented, we will post to this thread.

If you would like to be notified directly, please complete and submit the form at the following location:
Submit Feature Request
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
  #3  
Old 06-18-2011, 06:07 PM
hades92 hades92 is offline
Registered User
 
Join Date: Jun 2011
Posts: 1
I agree with maxg about the "master password". +1 for this feature if any counter on it !
Reply With Quote
  #4  
Old 06-20-2011, 08:05 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,306
Hi hades92,

Thanks for the additional request. I have added your post to the feature request. Should a future release of SecureCRT have the ability to use a master password to protect the application or the configuration, we will post here.
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
  #5  
Old 03-28-2012, 07:04 AM
Vanav Vanav is offline
Registered User
 
Join Date: Mar 2012
Posts: 2
I find Master Password a useful feature too. Master Password should do at least this things:
passwords stored in session config files should be encrypted using Master Password,
all used private keys in all sessions should be first decrypted in interactive mode, and next encrypted using Master Password.
Master Password should be optionally saved in resident memory in Activator, denied for swapping out.

So, user will have to enter Master Password only once if he has Activator running, even if he close and reopen SecureCRT. No other passwords will be asked, because session passwords and keys will be possible to decrypt using Master Password. And if files will be compromised, it will be not possible to use session passwords or private keys.

Currently there is a security issue: if session files with saved passwords are compromised, third party can use them. Master Password will solve this too.
Reply With Quote
  #6  
Old 03-28-2012, 07:23 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,306
Hi Vanav,

Thanks for the request and reasons for the request. I have added your post to our SecureCRT enhancement database to add a master password capability. We will post to this thread if this feature is added in the future.
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
  #7  
Old 04-02-2012, 05:49 AM
Olaf van der Spek Olaf van der Spek is offline
Registered User
 
Join Date: Jul 2004
Posts: 178
Quote:
Originally Posted by maxg View Post
I really like being able to save my passwords, but I don't like the idea of anyone being able to walk up to my computer and access all my servers!
How about locking your desktop? If someone can access your computer, a SCRT master password isn't really going to save you.
Reply With Quote
  #8  
Old 05-21-2013, 06:53 AM
maxg maxg is offline
Registered User
 
Join Date: Dec 2009
Posts: 22
Quote:
Originally Posted by Olaf van der Spek View Post
How about locking your desktop? If someone can access your computer, a SCRT master password isn't really going to save you.
Just came back to check on this thread, because I'm still wishing for this.

Of course I lock my computer, but that doesn't really provide much beyond security for people who have *physical* access to my computer.

Encrypting 100% of the encryption, SSH keys, etc for SecureCRT behind a master password would add a major layer of security, it could also be done at the same time as making the configuration more portable/compatible across operating systems.
Reply With Quote
  #9  
Old 05-21-2013, 07:04 AM
maxg maxg is offline
Registered User
 
Join Date: Dec 2009
Posts: 22
SecureCRT Wishlist

Also to make an update about portability:

The format (ini) for a lot of the configuration is portable, so copying it between computers/OSes is possible and I've been doing it that way, but since there are quite a few external file paths (key maps, ssh keys, etc), lots of stuff breaks between OSes.

Ideally, SecureCRT will move to a system where 100% of the required data can be stored entirely in configuration (a built in key map manager and ssh key manager would be amazing) which is portable (either exportable to a single-file like SQLite or can be used from a service like dropbox by multiple clients, or both) and can be effectively secured (encrypted). Now that it's available on almost every major operating system, it really should be a priority.

To this day I have issues where I edit settings in one terminal and then somehow they manage to get reverted or overwritten by another (I have auto-save settings on, but why is this even an option?! shouldn't settings save as soon as you hit apply/okay and be pushed across terminals?).

Anyway, here's hoping I visit in a year and find some updates!
Reply With Quote
  #10  
Old 05-21-2013, 08:25 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,306
Hi maxg,

Thanks for the update. I have created two more feature request. Should we make the configuration folder platform agnostic or add the ability to use a database for the configuration folder, we will post to this forum thread.

If you would like to be notified directly, please complete and submit the form at the following location:
Submit Feature Request
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
  #11  
Old 05-31-2013, 12:05 AM
sprink sprink is offline
Registered User
 
Join Date: May 2013
Posts: 4
I just want to chime in and say I would also find this extremely useful, If all of the configurations were platform independent and easily exportable/sync-able.

I have recently tried to use dropbox as an option to sync in the config folder across platforms and machines, but as mentioned, lots of things can break.

+1 to a nice unified, platform independent config file.
Reply With Quote
  #12  
Old 06-03-2013, 02:38 PM
tvaldes tvaldes is offline
Registered User
 
Join Date: Apr 2011
Posts: 2
+1 on this as well
Reply With Quote
  #13  
Old 06-03-2013, 04:07 PM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 4,226
Hi sprink and tvaldes,

I have +1'ed (x 2) the noted feature request.
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730
Reply With Quote
  #14  
Old 09-29-2013, 05:12 AM
Adam84 Adam84 is offline
Registered User
 
Join Date: Sep 2013
Posts: 1
+1 for the master password feature, only thing keeping me back from having this run off a portable installation.
Reply With Quote
  #15  
Old 09-30-2013, 07:18 AM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,306
Noted Adam84. Thanks for the feedback.
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 06:53 AM.