Closed osch closed 5 years ago
https://en.wikipedia.org/wiki/S/KEY Not sure if i understand this all, but there are some security hints.
Perhaps it would be easier to have only one config parameter for disabling/enabling both things, but I'm unsure about this.
Those are different things or not? Looks Ok to have separate config options for each parameter.
Ok, this works, but is it really needed to enable "S/Key challenge response queries" as default ? Well, i don't understand this feature very well
but is it really needed to enable "S/Key challenge response queries" as default ? Well, i don't understand this feature very well
It would be interesting to know, if anyone knows or uses the "highlighting of S/Key queries" feature. It is enabled as default, because it was already enabled as default before this PR.
I myself also do not exactly know, what this s/key feature is about, but it works the following way:
If s/key is enabbled, expressions as for example s/key 1231 24234
in the terminal are highlighted when the mouse is over this expression. Then, with ctrl+mouse click the following popup is displayed:
After entering a password, a phrase is generated and pasted into the terminal, e.g. FIB BURL LIKE JILT TEE AKIN
. I would gues this is used for authentication somehow.
.......because it was already enabled as default before this PR.
Good, than all my concerns are gone. Thanks for explanation.
Here comes the possibility to turn off hightlighting of URLs und "S/Key challenge response queries".
In the code there was already a config parameter
use-skey
for turning off highlighting of S/Key expressions, but this parameter was not accessible through the profile-preferences ui.I added another config parameter
use-urls
for turning off hightlighting of URLs and made both parameters accesible through the ui. Perhaps it would be easier to have only one config parameter for disabling/enabling both things, but I'm unsure about this.