I'm trying to get an SSH key on my mac, but after trying a couple of times I'm stuck when it comes to type passphrase. I cannot type anything.
I'm stuck at the key symbol shown in the picture:
Passphrase is hidden, but you can still write it. Just write the passphrase you want and hit ENTER
This key symbol means you have to enter the password and anything you type is hidden for security reasons.
Related
when I am trying to make git clone in windows shell or cmd it gives me error of authentication, after that I read that I should make personal token instead of password
then I tried to git clone several times with the token but it still gives me the same error
can anyone help ?
If you have correctly generated your ssh keys and added your public key to your account, you should receive a prompt of some sort, asking if you expected to connect to some specific IP address, and then adding that IP address to trusted addresses when you answer yes. If you still get a message about the authentication failing, it could be a matter of you having made a mistake while adding your public key to your account, or git not finding your private key in the expected place. Without getting a look at the specific error message, I couldn't really say, but I would recommend reviewing the steps you took to add the public key to your account.
I'm working on console application for OS X. It is native application in Xcode in swift. User is going to provide his personal password into console. This is one-time action, when password is provided, it is stored by application into KeyChain.
I would like to support user with secure password input. For reading username I use readLine(). I don't want to use same for password as:
Password is visible when user is typing it.
When user press enter, it is still visible on screen.
So far I have 2 ideas how can I prompt for password securely:
Use some kind of ReadChar() function and after each key press, clear console screen, so letter entered by user will not be visible on screen.
Force readLine() function to mask entered characters.
I was not able to find any function that can capture one customisation entered by user. Also I was not able to identify function that I can use to clear console screen. For second idea: In Apple development documentation, I was not able to find any function that will mask user input.
Can you please advice how to overcome this challenge?
When I open skype entry on keychain, and try to set Show Password checkbox, password is not shown, checkbox becomes unchecked.
This behavior described here and here.
If I run
security find-generic-password -ga .token.0
from Terminal App , in line password I see
long 48-digit hexadecimal number and string, like this:
password: 0xAABAAA1AAA4AA5AAAAA6AAA3F6AACAACAAA77AAAAAAAAAAA "\245\241\240...".
If I run this terminal command for any other keychain entry, where I can see password through checking checkbox in Keychain App, it prints readable passowrd on this line.
I tried to get password programmatically using SSKeychain class, and I get nil.
What API/technology Skype uses for such protection of its password?
I want to use this technique in my app to protect my passwords.
I have a PowerShell script which does the following on Windows 7 computers:
Get a random password from a secure server-side application
reset the password of a specific local user account using this password value
As a next step, I want to periodically check if the password saved on the server is still valid. For now, I am using ValidateCredentials from System.DirectoryServices.AccountManagement.PrincipalContext (see Powershell To Check Local Admin Credentials) but it involves to unencrypt the password and send it back to the computer just for this purpose.
Do you see any better way to check if password is still valid avoiding to use clear text password ? Is it possible to compare some hash, or anything else ?
Regards.
You can check the attribute PasswordAge and do a little math to see if the last time the password was changed was the time you set the password.
I have an command line application (not rails) that needs the user to provide their username and password for the website the cli accesses.
I don't want to make the user enter their details for each and every command they execute.
How do I store the details without compromising security and storing the details without encryption? If I encrypt the password, where should I store the pass key so it is still secure?
I imagine an implementation similar to the way the Heroku gem works would be good.
UPDATE:
So I have gone ahead and implemented this in my application, but something doesn't feel quite right about the solution yet.
Prior to accessing the website for the first time, the user is prompted to enter their username and password. Following successful login, the user is asked whether to store the details for later. If yes, the password is encrypted using a key - however, as this is a ruby gem, the key is stored in the application in plain text.
Is there another way to do this. The file containing the username/password is now secure BUT the key to unlock it is stored in the application code.
On the update: no. If you need access to the plain text password, you can only obfuscate the password. You cannot safely store it. The key needs to be in plain, or the key that encrypts that key needs to be in plain, ad infinity. Can't be done.