The idea is that the user does not want to save the passphrase to disk. So, the user types in the passphrase when first logging into an SSH server. But once the user types it in, Aqua Data Studio should save this in memory and reuse it for every other connection with that same file, but without saving it to disk. If Aqua Data Studio is restarted, then the user needs to retype the passphrase.
The key agent needs to store the passphrase per private key file, and not by server. So, if a user uses the same key file for many servers, then the user only needs to type the passphrase for one server and it is reused for all servers.
This must be done in the SSH terminal layer.
I suggest we add this API:
1. public static void setKeyAgentEnabled(boolean on)
which enables the "Key Agent". The Key Agent is a Hashtable (think multi-threaded) which caches the user-entered passphrases, indexed by the public key. This way once entered, the passphrase key can be used on any registered server.
Setting the on argument to false disables the key agent and also must clear the hashtable.
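One way to implement the key agent proposed in this comment, as an added example that is not Aqua Data Studio's code. Only setKeyAgentEnabled comes from the issue; passphraseFor, keyId, prompt and unlocks are hypothetical names, and a synchronized HashMap stands in for the Hashtable. A passphrase is cached only after it has unlocked the key, so a wrong entry triggers another prompt.

```java
import java.util.*;
import java.util.function.*;

/** In-memory passphrase cache, one entry per key; nothing is written to disk. */
public final class KeyAgent {
    private static final Map<String, char[]> CACHE = new HashMap<>();
    private static boolean enabled = true;

    /** Turning the agent off also wipes and drops every cached passphrase. */
    public static synchronized void setKeyAgentEnabled(boolean on) {
        enabled = on;
        if (!on) {
            CACHE.values().forEach(p -> Arrays.fill(p, '\0'));
            CACHE.clear();
        }
    }
    private static synchronized char[] lookup(String keyId) {
        char[] p = enabled ? CACHE.get(keyId) : null;
        return p == null ? null : p.clone(); // callers get a copy they may wipe
    }
    /** Replaces the entry for keyId (null removes it) and wipes the old value. */
    private static synchronized void store(String keyId, char[] passphrase) {
        char[] old = (passphrase != null && enabled)
                ? CACHE.put(keyId, passphrase.clone()) : CACHE.remove(keyId);
        if (old != null) Arrays.fill(old, '\0');
    }
    /** Hypothetical inputs: key identity, UI prompt (null = cancel), trial decryption. */
    public static char[] passphraseFor(String keyId, Function<String, char[]> prompt,
                                       Predicate<char[]> unlocks) {
        char[] candidate = lookup(keyId);
        if (candidate != null && unlocks.test(candidate)) return candidate;
        if (candidate != null) { Arrays.fill(candidate, '\0'); store(keyId, null); }
        while ((candidate = prompt.apply(keyId)) != null) {
            if (unlocks.test(candidate)) { store(keyId, candidate); return candidate; }
            Arrays.fill(candidate, '\0'); // wrong passphrase: never cached, ask again
        }
        return null; // user cancelled
    }

    public static void main(String[] args) { // constructed demo: key protected by "s3cret"
        Predicate<char[]> unlocks = p -> Arrays.equals(p, "s3cret".toCharArray());
        Deque<String> typed = new ArrayDeque<>(List.of("wrong", "s3cret"));
        Function<String, char[]> prompt = id -> typed.isEmpty() ? null : typed.poll().toCharArray();
        passphraseFor("id_rsa", prompt, unlocks); // prompts twice, caches the second entry
        passphraseFor("id_rsa", prompt, unlocks); // served from cache, no prompt
        setKeyAgentEnabled(false);                // wipes the cache
        System.out.println(passphraseFor("id_rsa", prompt, unlocks) == null); // true
    }
}
```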
1. Need to document this new feature. There is a new option - SSH Terminal -- Security - Use Key Agent
2. Works in the latest build 10.0.0_10
3. Test for Correct passphrase - Enter passphrase once and open a new terminal to same server won't prompt for passphrase
4. Test for Incorrect passphrase - Create a new folder in Toolbar and keep the same server connection 2 times. Open All in Tabs. Give the correct passphrase in 1 server and open a new server connection - It should NOT prompt you for passphrase.
In the next open tab, give incorrect password and open a new terminal. It should prompt you for passphrase again.
5. Test for Reconnect - Enter passphrase in 1 server. Open a new Server. It should NOT prompt for passphrase again. Now reconnect. It should NOT prompt for passphrase.
6. Exit ADS and Restart - should prompt for passphrase first time.
7. If Use Key Agent option is disabled but the passphrase is saved in SSH Connection -- Advanced properties, it should NOT prompt you for the passphrase
Changed key agent to be enabled initially, although I think it's better to have higher security mode on by default.
Issue #6108 |
Closed |
Fixed |
Resolved |
Completion |
No due date |
Fixed Build 10.0.1 |
No time estimate |