raveit65
commented
5 years ago https://en.wikipedia.org/wiki/S/KEY Not sure if i understand this all, but there are some security hints.
Closed osch closed 5 years ago
raveit65
commented
5 years ago https://en.wikipedia.org/wiki/S/KEY Not sure if i understand this all, but there are some security hints.
raveit65
commented
5 years ago Perhaps it would be easier to have only one config parameter for disabling/enabling both things, but I'm unsure about this.
Those are different things or not? Looks Ok to have separate config options for each parameter.
raveit65
commented
5 years ago Ok, this works, but is it really needed to enable "S/Key challenge response queries" as default ? Well, i don't understand this feature very well
osch
commented
5 years ago but is it really needed to enable "S/Key challenge response queries" as default ? Well, i don't understand this feature very well
It would be interesting to know, if anyone knows or uses the "highlighting of S/Key queries" feature. It is enabled as default, because it was already enabled as default before this PR.
I myself also do not exactly know, what this s/key feature is about, but it works the following way:
If s/key is enabbled, expressions as for example s/key 1231 24234 in the terminal are highlighted when the mouse is over this expression. Then, with ctrl+mouse click the following popup is displayed:
After entering a password, a phrase is generated and pasted into the terminal, e.g. FIB BURL LIKE JILT TEE AKIN. I would gues this is used for authentication somehow.
raveit65
commented
5 years ago .......because it was already enabled as default before this PR.
Good, than all my concerns are gone. Thanks for explanation.
Here comes the possibility to turn off hightlighting of URLs und "S/Key challenge response queries".
In the code there was already a config parameter
use-skeyfor turning off highlighting of S/Key expressions, but this parameter was not accessible through the profile-preferences ui.I added another config parameter
use-urlsfor turning off hightlighting of URLs and made both parameters accesible through the ui. Perhaps it would be easier to have only one config parameter for disabling/enabling both things, but I'm unsure about this.