PuTTY wish ssh-log-pw-blank

Home | Licence | FAQ | Docs | Download | Keys | Links
Mirrors | Updates | Feedback | Changes | Wishlist | Team

summary: Blank known passwords by default in SSH packet log
class: wish: This is a request for an enhancement.
difficulty: fun: Just needs tuits, and not many of them.
priority: low: We aren't sure whether to fix this or not.
fixed-in: 2004-10-03 (0.56) (0.57) (0.58) (0.59) (0.60) (0.61) (0.62)

Proposal for the SSH packet log we use for debugging: add a checkbox (enabled by default) which causes known password fields to be blanked out, as we recommend that people do manually at the moment.

95% of the time this information isn't useful for our diagnosis, and blanking it out manually is error-prone (it's not unknown for someone to blank out the text portion but forget the hex dump, for example). If we suspect that the information will be useful, we can always instruct our correspondent to uncheck the box.

This would also mean that people could turn logging on semi-permanently for intermittent problems and not have to be so careful with the log files.

Need to correctly handle things like keyboard-interactive authentication, of course.

A similar option (but not enabled by default) would be to blank the data (`payload') fields - again, this information isn't often useful, and it would reduce the care that has to be taken with log files. (It can also substantially reduce the size of log files.)

Obviously this isn't completely secure - even a blanked-out log file contains a fair amount of information that's useful to an attacker. But it's probably a net improvement.

Audit trail for this wish.


If you want to comment on this web site, see the Feedback page.
(last revision of this bug record was at 2004-11-16 15:27:00 +0000)