[winswitch] XPRA Windows client
Antoine Martin
antoine at nagafix.co.uk
Sat Oct 17 17:45:42 BST 2020
On 17/10/2020 01:03, Richard Powell via shifter-users wrote:
> Hello, I am testing the xpra windows client version 4.0.4 Python 3.8
> 64bit. The program has the ability to Save connection details. Currently,
> this action saves connection details, password included, in a plain text
> .xpra file. Is there a way to have the xpra client save this connection
> information in encrypted text to prevent exposing password?
Since this encryption would need to be reversible for the password to be
used for authentication, it would be more akin to obfuscation and of
limited practical effectiveness in preventing the password from being
exposed.
> If not, is
> there a way to configure the Windows client to disable saving the password
> of a connection, or disable saving connections completely?
It could be done reasonably easily but I fail to see how that helps.
The password field must have been populated by the user or by a
connection file, which means that the password is already known to the
user. Is it not?
Perhaps another authentication module would be preferable for what you
are trying to achieve? (gss / kerberos or even u2f?)
Support for one-time passwords should be trivial to add:
https://xpra.org/trac/ticket/2906
Cheers,
Antoine
More information about the shifter-users
mailing list