Information Security Asked on November 11, 2021
Credentials in the form of SSH keys can be stored in memory using SSH Agent; However, if clicking the wrong link, or running a malicious program they can also be snatched from memory and sent somewhere else; which is why ssh-add
offers the -t
option to specify how long keys will be kept in memory before one is required to reload them hopefully using a passphrase.
Powershell has simalar functionality using secure strings but we are discouraged from using it, especially when writing credentials to disk; but Powershell offers another option in which you can prompt a user for their username and password, store it in a variable that will last the length of the powershell session: https://stackoverflow.com/questions/47069785/use-encrypted-password-for-plink-putty
Is it possible to unload credentials gathered from Get-Credentials from memory after a set period of time, similar to ssh-add
?
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP