author Joey Hess <joey@kitenet.net> 2014-05-15 15:15:19 -0400
committer Joey Hess <joey@kitenet.net> 2014-05-15 15:16:37 -0400
commit 068ee408f6282564f7e5cc07b37f1f92d7cb03a5
tree 1e5fd98409f1b8e6667faec42f17a66273b11dd4
parent ec96782dc781afb0074c7a784ce4b1eab02767fe
deal with ssh key expiry
Not a perfect solution, but good enough, few users will wait 10 minutes in the middle and see it expire, I hope.
-rw-r--r-- doc/design/assistant/sshpassword.mdwn 13
1 files changed, 6 insertions, 7 deletions
diff --git a/doc/design/assistant/sshpassword.mdwn b/doc/design/assistant/sshpassword.mdwn
index 1fe1e97a7..7e0dbe795 100644
--- a/doc/design/assistant/sshpassword.mdwn
+++ b/doc/design/assistant/sshpassword.mdwn
@@ -21,8 +21,8 @@ can be pretty sure noone is sniffing the (localhost) connection.
cause the webapp to read the password and forward it on. Also, set
DISPLAY to ensure that ssh runs the program. **done**
-Looking at ssh.exe, I think this will even work on windows; it contains the
-code to run ssh-askpass.
+Looking at ssh.exe, I think this will even work on Windows; it contains the
+code to run ssh-askpass. (It does work on Windows!)
### securely handling the password
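Review bot: in the paragraph starting "Looking at ssh.exe", the hedge "I think this will even work on Windows" now sits beside the confirmation "(It does work on Windows!)", so the doc states both a guess and a result. Suggest collapsing the two into the confirmed statement and marking it **done** like the item above it, and naming the ssh.exe build that was tested, since the claim rests on that binary containing the code to run ssh-askpass.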
@@ -31,7 +31,10 @@ code to run ssh-askpass.
is being accessed remotely, absolutely: require https.
* Use hs-securemem to store password.
* Avoid storing password for long. Erase it after webapp setup of remote
- is complete. Time out after 10 minutes and erase it.
+ is complete. Time out after 10 minutes and erase it. **done**
+* If the user is slow, the cached ssh key can exire before they finish.
+ This results in ssh being given no password, and failing. The UI
+ now detects this and suggests the user retry. **done**
* Prompt using a html field name that does not trigger web browser password
saving if possible.
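Review bot: the added bullet says the UI "now detects this" but does not say how an expired cache is told apart from a password that ssh rejected; as described, both end with ssh failing. Suggest stating the signal the UI relies on, and that a retry prompts for the password again rather than lengthening the 10 minute window set in the bullet above. The bullet also says the "cached ssh key" expires while the bullet above talks about erasing the password, so pick one term for the cached secret. Typo in the added line: "exire" should be "expire".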
@@ -58,7 +61,3 @@ if the shim cannot requst an arbitrary password prompt.
* test on OSX
* test on Android
-* If the user is slow, the cached ssh key can exire before they finish.
- Currently this results in ssh being given no password, and failing.
- Either avoid time-based expiry (manually expiring when done, and how
- to detect if they gave up?) or notice this and give a sensible error.
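Review bot: the removed TODO weighed two options (avoid time-based expiry, or notice the failure and give a sensible error) and asked "how to detect if they gave up?"; with it deleted, the doc no longer records that time-based expiry was kept on purpose. Suggest one sentence in the new bullet under "securely handling the password" saying the 10 minute timeout stays and the retry suggestion is the accepted trade-off, which at present is recorded only in the commit message.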