Closed yanne closed 10 years ago
yanne
commented
10 years ago Original comment by Magnus.S...@gmail.com on Nov 27, 2009.
If you put the username and the password in variables before passing them to the keyword, the will not be shown in clear text. Rather the log.html will look something like: KEYWORD: SSHLibrary.Login ${SSH_ADMIN_USER_NAME}, ${SSH_ADMIN_PASSWORD}
yanne
commented
10 years ago Original comment by janne.t....@gmail.com on Dec 1, 2009.
Robot Framework itself writes arguments of any keyword to log file and there is currently no way in which we could control this from SSHLIbrary. Thus using variables as Magnus.Smedberg suggested is the best way to avoid passwords being visible in the log.
yanne
commented
10 years ago Original comment by pekka.klarck on Dec 1, 2009.
This would be different if the user name and password were written also as a log message (based on the comments I assume they aren't but haven't checked myself) similarly as Telnet library does. Telnet nowadays replaces the password in that log message with asterisks.
At the moment the log.html includes pass word when login has been called. This is not good idea as even the test-servers quite often has password and user right protections.
So instead of having:
KEYWORD: SSHLibrary.Login teme, temespassword
there should be
KEYWORD: SSHLibrary.Login teme, ****\ (that amount of stars should be fixed)
This issue was originally opened at Google Code on May 19, 2009.