microsoft / terminal

The new Windows Terminal and the original Windows console host, all in the same place!
MIT License

Credential Manager integration just like Git Bash and Git Credential Manager #6741

Closed fischerdouglas closed 4 years ago

fischerdouglas commented 4 years ago

Description of the new feature/enhancement

The idea is to copy the resources and concepts that are used on https://github.com/microsoft/Git-Credential-Manager-for-Windows and apply them to Windows Terminal...

If any credential is requested, it gets into action. It looks into a base to see if it is already there... It supports "user+password" authentication, or public/private key authentication also. It stores/replaces new credentials if needed...

(P.S.: Git-CredentialManager AskPass would be nice.)

I'm not a programmer... But I think this may fit.

Git bash uses it. If I'm not wrong, in some way, Visual Studio Code also already uses it...

I also know that Windows Terminal has no intention to deal with Password Managers like LastPass or similar... But I think it could be different than that. Mostly on the concerns of risks of using someone else's code.

Proposed technical implementation details (optional)

I don't have any details... But if I say "Please" many times, would it help?

Connect to already created profiles that connect to ssh or telnet without prompting me for passwords... Getting them from a credential database such as Windows Credential Manager (equivalent to Mac OS X Keychain), or Git-CredentialManager.

fischerdouglas commented 4 years ago

Please, don't leave it just to Version 2.0 as proposed in the Roadmap...

https://github.com/microsoft/terminal/blob/master/doc/terminal-v2-roadmap.md

KalleOlaviNiemitalo commented 4 years ago

The Azure Cloud Shell feature in Windows Terminal already has Credential Manager integration.

Suppose a user has Windows Terminal displaying an application such as PowerShell 7, which then asks for credentials. Nowadays, it looks like this:

PS C:\> $credential = Get-Credential

PowerShell credential request
Enter your credentials.
User: myself
Password for user myself: ********

If I understand correctly, you'd like Windows Terminal to detect this credential request and let the user select a previously saved user name and password. Presumably, this should also work if there is an SSH connection between Windows Terminal and the application; otherwise, the application could access the local Credential Manager and pop up a dialog box on its own, so there would be no benefit in having Windows Terminal do that.

There are a few difficulties:

DHowett commented 4 years ago

@KalleOlaviNiemitalo is totally correct here. I really appreciate your excitement, and your suggestion, but this isn't something Terminal is going to do. It's too dangerous to put your terminal emulator in control of your passwords especially when there is no way to validate the destination or recipient of your credentials over a text-mode-only connection.

I'm going to close this one for now, but please feel free to continue the discussion.

KalleOlaviNiemitalo commented 4 years ago

OpenSSH is able to forward requests to an authentication agent, but SSH Agent Protocol supports only keys, not plaintext passwords.

It might be technically (even if not financially) possible to define a similar protocol for user names and passwords, then change Windows Terminal, SSH clients, SSH servers, and applications to use it. This would presumably involve another environment variable pointing to an AF_UNIX socket. The SSH server would be able to augment the password request with the process ID and user and group IDs of the application, from SCM_CREDENTIALS. The SSH client would be able to augment the password request with the name of the remote server and how the server was authenticated. Windows Terminal would be able to verify that the request came via the SSH client process, and to display the information added by the SSH client and server. However, this information would still not make it easy for the user to determine whether the request is trustworthy.

OpenSSH is also able to delegate GSSAPI credentials but I don't really understand how that works or whether it can be used for this purpose.
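
Added example, not part of the thread and not code from OpenSSH or Windows Terminal: how the server side of the hypothetical password-request socket described above could attach the requesting application's process, user and group IDs from SCM_CREDENTIALS on Linux. The JSON request format and the function names are assumptions, and a socketpair stands in for the AF_UNIX socket that an environment variable would point to.

```python
import json
import os
import socket
import struct

# Linux struct ucred: pid_t pid, uid_t uid, gid_t gid
UCRED = struct.Struct("iII")


def receive_request(broker_sock):
    """Read one request plus the kernel-supplied identity of its sender."""
    data, ancdata, _flags, _addr = broker_sock.recvmsg(
        4096, socket.CMSG_SPACE(UCRED.size))
    for level, ctype, cdata in ancdata:
        if level == socket.SOL_SOCKET and ctype == socket.SCM_CREDENTIALS:
            pid, uid, gid = UCRED.unpack(cdata[:UCRED.size])
            break
    else:
        # Without kernel-filled credentials the sender is unknown: refuse.
        raise PermissionError("no SCM_CREDENTIALS on request")
    request = json.loads(data)
    # Discard whatever the application claimed about itself and record
    # only what the kernel reported for the sending process.
    request["peer"] = {"pid": pid, "uid": uid, "gid": gid}
    return request


def demo():
    """Constructed exchange: one application request, one broker read."""
    app, broker = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    with app, broker:
        # Ask the kernel to attach sender credentials to received messages.
        broker.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
        # Constructed request in which the application lies about itself.
        claimed = {"prompt": "Password for user myself:",
                   "peer": {"pid": 1, "uid": 0, "gid": 0}}
        app.sendall(json.dumps(claimed).encode())
        return receive_request(broker)


if __name__ == "__main__":
    print(demo())
```

The IDs identify which local process asked, which is the information the comment says could be displayed; as the comment also notes, they do not by themselves tell the user whether that process should be trusted with a password.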