Re: Filezilla a security risk

To: debian-user@lists.debian.org
Subject: Re: Filezilla a security risk
From: Rob Owens <rowens@ptd.net>
Date: Thu, 28 Jun 2012 21:48:28 -0400
Message-id: <[🔎] 20120629014827.GB5965@aurora.owens.net>
In-reply-to: <[🔎] 20120628100319.1381b765@ares.home.chubig.net>
References: <[🔎] CA+AKB6E1FfRCNbV6PimAvdvUfoBKuo7rgLsbaCR_7tgtuZdw5A@mail.gmail.com> <[🔎] 20120627194632.GC4759@sid.nuvreauspam> <[🔎] CA+AKB6FCyZ2CV+vE4WqLA_iZ65kdXj+qTc4JmEi5uFdphf6qNQ@mail.gmail.com> <[🔎] 20120628100319.1381b765@ares.home.chubig.net>

On Thu, Jun 28, 2012 at 10:03:19AM +0200, Claudius Hubig wrote:
> Hello francis,
> 
> francis picabia <fpicabia@gmail.com> wrote:
> > On Wed, Jun 27, 2012 at 4:46 PM, Andrei POPESCU
> > <andreimpopescu@gmail.com> wrote:
> > > On Mi, 27 iun 12, 16:26:48, francis picabia wrote:
> > >> I've just learned Filezilla is a security risk.  It stores saved
> > >> passwords and the last used password in a plain text file.
> > >
> > > As do many other programs.
> > 
> > Huh.  None that I run.  Perhaps your standards are, uh, different.
> 
> Pidgin & OpenSSH if used without passphrases, just to name two
> examples. Claws-Mail applies some weird obfuscation that doesn't
> really help, except for that I have to store my passwords somewhere
> else in plaintext, too.
> 
Where does OpenSSH store a password?  Or are you referring to a
passphrase-less private key?

Reply to:

References:
- Filezilla a security risk
  - From: francis picabia <fpicabia@gmail.com>
- Re: Filezilla a security risk
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: Filezilla a security risk
  - From: francis picabia <fpicabia@gmail.com>
- Re: Filezilla a security risk
  - From: Claudius Hubig <debian_1206@chubig.net>

Prev by Date: grub-install says can't identify filesystem; won't install
Next by Date: Re: Filezilla a security risk
Previous by thread: Re: Filezilla a security risk
Next by thread: Re: Filezilla a security risk
Index(es):
- Date
- Thread