In the file robomongo.json all passwords are stored in plain text.
For that reason I must uninstall Robomongo now!!!
@UltimateFighter Thanks for the feedback. Do you have any suggestions on how to store the password data, or should there be an option to prompt for each new connection (similar to #609)?
Ultimately any application that saves credentials will be as vulnerable as the configuration of your client environment.
Encryption!?
@UltimateFighter Which encryption algorithm do you suggest? Requirements are simple:
This can be solved by setting up master-password and require it every time you open Robomongo
+1ing. I found my SSH passphrase in plaintext just now. I dunno about other OSes, but as for OSX, perhaps Keychain integration?
+1 for keychain integration. GitHub did that for HTTPS. For Linux there is GNOME Keyring.
+1 for Keychain integration. Or Keepass2 integration
+1 for keychain integration
Storing password / passphrase in the clear is bad. It's also bad that the UI _displays_ ssh passphrase (in the ssh tab) in cleartext when it's entered.
I realize that this is platform specific, and would be harder to implement, but in Mac OSX build (and Windows build, for that matter), the program should ideally use the OS specific features that already exist for this (keychain in OS X, additionally, builtin ssh-agent functionality in OS X rather than hard-coding passphrase in the client).
Is this something that could be used?
https://github.com/frankosterfeld/qtkeychain
@spamguy @wyardley Just wanted to let you know that we made a first step towards implementing this issue. In the latest 0.9.0 RC8 release we do not store the SSH key password in the Robomongo config; instead, we ask for it every time a new SSH connection is initiated. You can read more in the following blog post.
Encryption of robomongo.config is planned for the future releases.
Thanks @anorsich
Allowing it to use an existing authentication socket would also seem to be a good idea that should work on multiple platforms, and would avoid having to know the key's passphrase.
@wyardley Thanks for the suggestion! We did a great job re-working the SSH tunnel; our implementation allows us to control different settings, such as zipping and others. Robomongo stores a password anyway, so I don't think there is a real need to use an existing socket. If you already have a socket you can just use it for connections right away.
@anorsich Are you saying that it will use $SSH_AUTH_SOCK or equivalent if it's defined?
I will test with new version (which I think is new since I posted this). The notes at:
http://blog.robomongo.org/robomongo-rc8/ say that (in the future) "Support for SSH agents will be implemented".
I will try to test rc8 when it becomes available.
You could use 256-aes-ctr with master password.
@tailot Where is the option to use 256-aes-ctr to encrypt the master password?
@markstos It has not been implemented yet. This is a proposal.
@tailot, thanks a lot for the suggestion. We will consider it.
This is still a problem even in the latest version, Robo 3T 1.1.1. This is indeed a serious issue; is it being considered for future versions?
Hi guys,
I just saw the removed flag on this issue.
Did you drop this proposal or did you just postpone it?
I think there should be an option to prompt for each connection, as I have other tools to manage and encrypt my passwords.
Hi all, we are very sorry for the long delay.
We have already started this task and as a first step from Robo 1.3 on, the passwords will be saved encrypted.
Hi,
Has this really been solved by using a static key for encryption which is stored alongside the config file? Or am I missing an important thing which makes this useful/secure?
Thanks,
Peter
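The two points above, tailot's "256-aes-ctr with master password" proposal and Peter's question about a static key stored next to the config file, are easiest to compare in working code. The block below is an added illustration, not Robomongo/Robo 3T code (the project is C++/Qt; Go is used here only because its standard library has AES and HMAC). The blob layout, the PBKDF2 iteration count and the sample connection string are all assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed layout of one encrypted secret (not Robomongo's format):
//   salt (16) | iv (16) | AES-256-CTR ciphertext | HMAC-SHA256 tag (32)
// Both keys come from the master password via PBKDF2, so nothing stored
// beside the blob can decrypt it.
const (
	saltLen    = 16
	ivLen      = aes.BlockSize
	keyLen     = 32
	tagLen     = sha256.Size
	pbkdf2Iter = 100_000 // assumed work factor; tune for the target machine
)

// pbkdf2SHA256 is plain RFC 8018 PBKDF2-HMAC-SHA256, written out so the
// example needs only the standard library.
func pbkdf2SHA256(password, salt []byte, iters, dkLen int) []byte {
	prf := hmac.New(sha256.New, password)
	var out []byte
	for block := uint32(1); len(out) < dkLen; block++ {
		var idx [4]byte
		binary.BigEndian.PutUint32(idx[:], block)
		prf.Reset()
		prf.Write(salt)
		prf.Write(idx[:])
		u := prf.Sum(nil)
		t := append([]byte(nil), u...)
		for i := 1; i < iters; i++ {
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:dkLen]
}

// deriveKeys splits one PBKDF2 output into an encryption key and a MAC key.
func deriveKeys(master string, salt []byte) (encKey, macKey []byte) {
	k := pbkdf2SHA256([]byte(master), salt, pbkdf2Iter, 2*keyLen)
	return k[:keyLen], k[keyLen:]
}

// Seal encrypts a secret under the master password with a fresh salt and IV.
func Seal(master string, secret []byte) ([]byte, error) {
	hdr := make([]byte, saltLen+ivLen)
	if _, err := rand.Read(hdr); err != nil {
		return nil, err
	}
	salt, iv := hdr[:saltLen], hdr[saltLen:]
	encKey, macKey := deriveKeys(master, salt)
	blk, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	ct := make([]byte, len(secret))
	cipher.NewCTR(blk, iv).XORKeyStream(ct, secret)
	out := append(append([]byte(nil), hdr...), ct...)
	// CTR alone is malleable: authenticate salt, IV and ciphertext (encrypt-then-MAC).
	mac := hmac.New(sha256.New, macKey)
	mac.Write(out)
	return mac.Sum(out), nil
}

// Open verifies the tag first, so a wrong master password or an edited file
// fails closed instead of yielding garbage.
func Open(master string, blob []byte) ([]byte, error) {
	if len(blob) < saltLen+ivLen+tagLen {
		return nil, errors.New("blob too short")
	}
	body, tag := blob[:len(blob)-tagLen], blob[len(blob)-tagLen:]
	salt, iv, ct := body[:saltLen], body[saltLen:saltLen+ivLen], body[saltLen+ivLen:]
	encKey, macKey := deriveKeys(master, salt)
	mac := hmac.New(sha256.New, macKey)
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) {
		return nil, errors.New("wrong master password or tampered config")
	}
	blk, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(ct))
	cipher.NewCTR(blk, iv).XORKeyStream(pt, ct)
	return pt, nil
}

func main() {
	// Constructed sample: the kind of connection string a client has to keep.
	blob, _ := Seal("correct horse battery staple", []byte("mongodb://app:S3cret@db.example:27017"))
	fmt.Printf("stored %d bytes; plaintext never written\n", len(blob))
	if _, err := Open("wrong password", blob); err != nil {
		fmt.Println("rejected:", err)
	}
}
```

The property that answers Peter's question is where the key comes from: here only the master password, which the user types and the file never holds, can reproduce `encKey`. If instead the application shipped a fixed key (or derived it from something readable next to the config), every copy of the program could run `Open` on any user's file, and the format would only obscure the passwords rather than protect them. The HMAC is there because CTR mode lets anyone flip ciphertext bits without detection; an authenticated mode such as AES-GCM would give the same guarantee in one primitive.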