Security shouldn't be optional

glumia / polito_dl

Command-line tool and library to download Polytechnic of Turin's online lessons from didattica.polito.it

GNU General Public License v3.0

2 stars 0 forks source link

Security shouldn't be optional #4

Closed steemnd closed 5 years ago

steemnd commented 5 years ago

for security reasons, the --password option should not exist. Take a look at the man page of ssh... do you see any --password option out there? No? Well... OpenSSH was made by OpenBSD, and these guys are pretty known to be very badass cybersecurity engineers, so... if they didn't add a --password option in openssh, there must be at least one good reason.

lvps commented 5 years ago

The good reason is: your plaintext password will end up in bash history or in a log file.