Code-server: Incorrect reporting in the terminal when custom password is used

Created on 8 Jun 2019  路  10Comments  路  Source: cdr/code-server

Hi

I am trying to set this up with password but it is not working out well

/opt/code-server/code-server --port=4000 --allow-http --disable-telemetry --password "MYPASS" -d /media/CODE

INFO  Starting webserver... {"host":"0.0.0.0","port":"4000"}
WARN  No certificate specified. This could be insecure.
WARN  Documentation on securing your setup: https://github.com/cdr/code-server/blob/master/doc/security/ssl.md
WARN  Launched without authentication.
INFO  Telemetry is disabled
INFO   
INFO  Started (click the link below to open):

As you see it is laucnhed without password, I tried variations on the password field without any luck.

I am on Debian Buster using code-server v1.1119-vsc1.33.1

bug
Source
picture gerroon

All 10 comments

password is deprecated. Use environment variable PASSWORD instead.

yujincheng08 picture yujincheng08 on 8 Jun 2019
1

password is deprecated. Use environment variable PASSWORD instead.
@yujincheng08
how do you use the environment variable PASSWORD to replace --password to set the custom password. Perhaps, an example code would help. Thanks

Josh-Uvi picture Josh-Uvi on 9 Jun 2019

@Josh-Uvi env PASSWORD=test code-server

deansheather picture deansheather on 9 Jun 2019

@gerroon I just tried this and it looks like code-server incorrectly reports that it's launched without authentication when a password is supplied. I opened it in the browser and it does require a password.

deansheather picture deansheather on 9 Jun 2019
1

@deansheather

Thanks for check it out. I will give it a try. I did not think about thatg possibility to be honest,

gerroon picture gerroon on 9 Jun 2019

We only output the password when it's generated (since you already know the password). https://github.com/cdr/code-server/issues/286#issuecomment-474173109

code-asher picture code-asher on 11 Jun 2019
1

@code-asher sure but the message in the termianl is misleading. It does not have to show the password, but at least it can say the password is enabled instead of WARN Launched without authentication.

gerroon picture gerroon on 11 Jun 2019

Oh, right! I completely missed that part. Let's update the issue title to something like "Incorrectly reports as launching without authentication when using custom password".

code-asher picture code-asher on 11 Jun 2019

Thanks for the bug report; just pushed a fix. I'm gonna try to read issues (and comments!) more closely in the future, sorry about that. :stuck_out_tongue:

code-asher picture code-asher on 11 Jun 2019
1

I saw this problem too. Thought use of PASSWORD environment variable was broken because of it!
didn't get around to reporting it before this bug report appeared.

antofthy picture antofthy on 12 Jun 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

grant picture grant  路  3Comments
infogulch picture infogulch  路  3Comments
chrischabot picture chrischabot  路  3Comments
lshamis picture lshamis  路  3Comments
pchecinski picture pchecinski  路  3Comments