devblog

2014-04-25 16:34:33 -04:00 · 2014-04-25 16:34:33 -04:00 · 5f521f6952
commit 5f521f6952
parent 2adeef61a1
2 changed files with 13 additions and 3 deletions
--- a/doc/design/assistant/sshpassword.mdwn
+++ b/doc/design/assistant/sshpassword.mdwn
@ -25,12 +25,12 @@ code to run ssh-askpass.

 * Maybe force upgrade webapp to https? Locally, the risk would be that
  root could tcpdump and read password, so not large risk. If webapp
-  is used remotely, require https.
+  is being accessed remotely, absolutely: require https.
 * Use hs-securemem to store password.
 * Avoid storing password for long. Erase it after webapp setup of remote
  is complete. Time out after 10 minutes and erase it.
-* Prompt using a field name that does not trigger web browser password
-  saving.
+* Prompt using a html field name that does not trigger web browser password
+  saving if possible.

 ### ssh-askpass shim, and password forwarding

--- a/doc/devblog/day_158__enroute_to_Brazil.mdwn
+++ b/doc/devblog/day_158__enroute_to_Brazil.mdwn
@ -0,0 +1,10 @@
+Next month the roadmap has me working on [[assistant/sshpassword]].
+That will be a nice UI improvement and I'd be very surprised if it takes
+more than a week, which is great.
+
+Getting a jump on it today, investigating using `SSH_ASKPASS`. It seems this
+will even work on Windows! Preliminary design in [[assistant/sshpassword]].
+
+Time to get on a plane to a plane to a plane to Brasilia!
+
+[[!meta date="Fri, 25 Apr 2014 16:32:36 -0400"]]