OSCommerce Product Manager for Windows
FS#194 - PLink waits for user input if the key fingerprint is unknown.
Attached to Project:
OSCommerce Product Manager
Opened by Mario A. Valdez-Ramirez (mvaldez) - Saturday, 21 May 2005, 13:59 GMT
Last edited by Mario A. Valdez-Ramirez (mvaldez) - Saturday, 21 May 2005, 14:15 GMT
Details
The first time the user attempts to establish an SSH tunnel with PLink, the plink program displays a message explaining that the fingerprint of the remote server is not known, and asks whether it should store it in the Registry or not.
The OSCPMWin application currently has no way to know whether the message is displayed. The problem is that the PLink program can just hang there waiting for user input, and the user is unaware of it because PLink is hidden when invoked from OSCPMWin.
A solution would be to capture the plink output and convert those messages to dialogs where the user can answer. Or where the OSCPMWin application can answer silently.
Or we can rebuild plink to ignore those issues.
This bug is major.
We have rebuilt plink. This is the easiest way.
However, we are circumventing four security checks done by PLink. This is not worse than not using PLink, because the non-secured connection doesn't have any way to check the authenticity of the DB server.
However, using SSH may add a sense of security that PLink is not actually providing.
I will close this bug, but will open a new one.
As a note, we have recompiled plink.exe with CygWin. The executable looks 33% bigger. Everything else looks good. To be included in the next release.
Just to clarify, by disabling those security checks, we lose the following:
Authentication (of server): Lost.
Authentication (of client): Preserved.
Integrity: Preserved.
Confidentiality: Preserved.
Non-repudiation (of server): Lost.
Non-repudiation (of client): Lost.
(Non-repudiation is lost because authentication is lost: Authentication + Integrity = Non-repudiation.) However, it only applies to the server (the client still cannot deny it made the connection).
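The first alternative proposed in the comments above (capture plink's output and let OSCPMWin answer the host-key question itself) can be done without losing the server authentication listed as "Lost" in the summary: the application keeps the expected fingerprint of the DB server in its own configuration and answers "y" only when plink presents that fingerprint, otherwise it kills plink instead of caching an unknown key. The following wrapper is an added example written for this page; it is not code from OSCPMWin or from PuTTY. It assumes plink.exe is on PATH, that plink writes its host-key prompt to stderr and reads the answer from stdin when started with pipes, and the sample prompt text and fingerprint are constructed to approximate plink's real wording, which differs between PuTTY releases, so the regular expression should be checked against the build in use.

```python
"""Answer plink's host-key question only for a pinned fingerprint.

Hypothetical helper, not part of OSCPMWin or PuTTY. Assumes plink.exe is on
PATH and that plink writes its prompt to stderr and reads the reply from
stdin when run without a console.
"""
import re
import subprocess
import threading
import time
from typing import Iterable, List, Optional

PLINK = "plink.exe"  # assumed to be somewhere on PATH

# Captures the fingerprint token on the line plink prints after
# "... key fingerprint is:" (hex MD5 in old releases, SHA256:... in newer ones).
FINGERPRINT_RE = re.compile(r"fingerprint is:\s*\S+\s+\d+\s+(\S+)", re.IGNORECASE)
# Tail of plink's "Store key in cache? (y/n ...)" question.
PROMPT_MARKER = "(y/n"

# Constructed sample of the prompt: the wording approximates plink's and the
# fingerprint value is made up.
SAMPLE_FINGERPRINT = "SHA256:" + "A" * 43
SAMPLE_PROMPT = (
    "The server's host key is not cached in the registry. You\n"
    "have no guarantee that the server is the computer you\n"
    "think it is.\n"
    "The server's rsa2 key fingerprint is:\n"
    f"ssh-rsa 2048 {SAMPLE_FINGERPRINT}\n"
    "If you trust this host, enter \"y\" to add the key to\n"
    "PuTTY's cache and carry on connecting.\n"
    "Store key in cache? (y/n) "
)


def parse_fingerprint(text: str) -> Optional[str]:
    """Return the fingerprint plink presented, or None if no prompt is in text."""
    m = FINGERPRINT_RE.search(text)
    return m.group(1) if m else None


def decide(text: str, pinned: Iterable[str]) -> str:
    """'no_prompt' if plink asked nothing (key already cached), 'y' if the
    presented fingerprint is one the application pinned, 'abort' otherwise.
    The comparison is case-insensitive so hex MD5 pins match in either case."""
    if PROMPT_MARKER not in text:
        return "no_prompt"
    fp = parse_fingerprint(text)
    if fp is not None and fp.lower() in {p.lower() for p in pinned}:
        return "y"
    return "abort"


def run_plink(plink_args: List[str], pinned: Iterable[str],
              prompt_timeout: float = 10.0) -> subprocess.Popen:
    """Start plink (e.g. ["-N", "-L", "3306:127.0.0.1:3306", "user@dbhost"])
    and settle the host-key question without user interaction. A fingerprint
    that is not pinned kills plink rather than caching an unknown key."""
    proc = subprocess.Popen([PLINK, *plink_args], stdin=subprocess.PIPE,
                            stderr=subprocess.PIPE, bufsize=0)
    chunks: List[bytes] = []

    def pump() -> None:  # read stderr byte by byte: the prompt ends without a newline
        while True:
            b = proc.stderr.read(1)
            if not b:
                return
            chunks.append(b)

    threading.Thread(target=pump, daemon=True).start()
    deadline = time.monotonic() + prompt_timeout
    while time.monotonic() < deadline and proc.poll() is None:
        seen = b"".join(chunks).decode("utf-8", errors="replace")
        verdict = decide(seen, pinned)
        if verdict == "y":
            proc.stdin.write(b"y\n")
            proc.stdin.flush()
            return proc
        if verdict == "abort":
            proc.kill()
            raise RuntimeError(f"host key mismatch, refused: {parse_fingerprint(seen)}")
        time.sleep(0.1)
    return proc  # no prompt appeared: key already cached, or plink exited
```

The pinned fingerprint has to reach the application through a channel the DB server's network path cannot tamper with (for example, entered once by the shop owner from the server's own console output); otherwise the check adds nothing over the rebuilt plink. Later plink releases also accept a `-hostkey` option that pins the expected key on the command line, which avoids parsing the prompt at all when such a build can be used.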