isontheline
commented
1 year ago Nice issue!
Could you tell me more about your request? What about the history? How much kind of data should WebSSH store?
Have a nice day @jedis00 ☀️
Open jedis00 opened 1 year ago
isontheline
commented
1 year ago Nice issue!
Could you tell me more about your request? What about the history? How much kind of data should WebSSH store?
Have a nice day @jedis00 ☀️
jedis00
commented
1 year ago Something similar to this, but also capture the duration of the session, if possible. Just some text. Don't really need history, though that would be interesting to capture and allow to view it later.
Yesterday box1 6/8/23 8:08PM - Duration 1h 4m box2 6/8/23 8:08PM - Duration 4h 4m box4 6/8/23 8:08PM - Duration 5h 4m
6/6/23 box12 6/6/23 8:08PM - Duration 5h 4m box18 6/6/23 8:08PM - Duration 3h 4m
isontheline
commented
1 year ago Thank you @jedis00 for your reply and details 🙏
mbierman
commented
1 year ago This would be a lot more useful if the IP address of the connection was also noted.
jedis00
commented
1 year ago This would be a lot more useful if the IP address of the connection was also noted.
Can't hurt to also throw that in, but I would seriously question whether people are memorizing IP addresses or making use of the friendly name on the connection itself.
isontheline
commented
1 year ago Which place would be perfect for accessing this feature?
Long press / right click on the connection > View connections history?
mbierman
commented
1 year ago @isontheline If I had to pick, Long press on connection along side Edit, etc.
@jedis00 IP is crucial. Someone can see if some strange IP (pretending to be a friendly, known device) is accessing a connection. Gmail is a great example. (Location of access based on IP would also be nice)
isontheline
commented
1 year ago @isontheline If I had to pick, Long press on connection along side Edit, etc.
Thanks !
@jedis00 IP is crucial. Someone can see if some strange IP (pretending to be a friendly, known device) is accessing a connection. Gmail is a great example. (Location of access based on IP would also be nice)
I would like more information about these data : IP and Location As WebSSH will only log you own device IP and your own device location, why these informations would be helpful as only your device will access your servers. If anyone else access your servers it will be outside WebSSH and so the connections history is useless.
Or perhaps I have misunderstood the need?
jedis00
commented
1 year ago @mbierman My feature was to log my device connecting to my servers. I'm not sure it would be entirely helpful to see my own IP address there, as someone would need to steal my phone, unlock the device, and then try to login to a server with this app. At that point, I'd be looking at server logs and not something in the app, since I wouldn't have access to the device.
jedis00
commented
1 year ago Termius app has a similar feature if you'd like to see what they're doing.
isontheline
commented
1 year ago On macOS the history shows all attempts on same list on the sidebar :
mbierman
commented
1 year ago Here's a gmail example.
This is important to be aware of logins are happening. My thought is this: Right now the biggest concern I have about WebSSH is the storing of credentials. So, say that is somehow compromised. Say someone either gets access to them or, picks up a device with webssh installed. If I see that a particular device is at an IP it shouldn't be at, or, a device I don't recognize is using WebSSH to access servers that is worrisome. If you are going to log access the log should include the public IP something was done from.
jedis00
commented
1 year ago Here's a gmail example.
This is important to be aware of logins are happening. My thought is this: Right now the biggest concern I have about WebSSH is the storing of credentials. So, say that is somehow compromised. Say someone either gets access to them or, picks up a device with webssh installed. If I see that a particular device is at an IP it shouldn't be at, or, a device I don't recognize is using WebSSH to access servers that is worrisome. If you are going to log access the log should include the public IP something was done from.
Enable FaceID and iCloud. Then you’re fine. What you’re proposing doesn’t really make sense. I want to be able to see the last time I connected to servers. Not others.
mbierman
commented
1 year ago I have FaceID and iCloud enabled, thanks. ;)
For me, this feature is almost useless without the additional info.
jedis00
commented
1 year ago I have FaceID and iCloud enabled, thanks. ;)
For me, this feature is almost useless without the additional info.
What you’re proposing should be handled on the server and not the client. You’re describing a centralized solution, when this app is all client side storage of credentials and backup to iCloud. Apple doesn’t alert you when your Apple ID is already used on a known device where you’re logged in — no reason to expect any different with a ssh client on your iDevice.
putty, Zoc, Termius, and ssh cli do not do what you’re suggesting either. You’d be looking to the server logs and implementing some king of alerting/monitoring approach.
Feel free to make your own feature enhancement ;)
mbierman
commented
1 year ago Feel free to make your own feature enhancement ;)
Wow. I could say the same about your request. I'm done with this thread.
Feature description
A log that shows connection history, including the duration of the connection.