14

Have been using redis for my new system and wanted to try some gui, so I stumbled on "redis desktop manager", it supports ssh tunnels, privatekeys and more, great isn't it?

BUT IT SAVES YOUR FUCKING PLAINTEXT PASSWORD AND PATH TO YOUR PRIVATE KEY IN %USER%\.rdm\connections.json

WHAT THE FUCK, fucking ask that password during connection, don't fucking save it in plaintext and give an attacker literally the path to my key, wanted to PR it, but fuck c++, probably thats why he doesnt have it, because hes just using some library, so he doesn't have to fuck with the actual implementation of it.

Comments
  • 1
    Well, technically if a hacker finds it - you are fucked long time ago
  • 1
    @Linux why make it easier by literally telling where the privatekey is and its password, if you can have a strong unique password on top of the key to have enough time to sync a new key across your network if youre breached.
Add Comment