importing identity for ssh extension, do the keys get stored somewhere?
463 views
Skip to first unread message
Shawn Chacko
Apr 29, 2022, 10:03:10 PM4/29/22
to chromium-hterm
I am using the ssh extension to mount a remote folder using key-based authentication.
a tutorial online said to click "import" in the connection settings dialog and select the private and pub keys. This worked fine and i am able to mount the folder (SFTP).
my question is: where do the key files get imported to? are they saved in some deep chrome extension folder?
also, is there a way to point the ssh extension to use the key files already present on the system in the ~/.ssh folder, rather than doing this import thing. I tried using the arguments section by adding to the arguments field: [-i /home/chronos/user/.ssh/id_rsa -i /home/chronos/user/.sshi/id_rsa.pub] but this won't work i also tried [ -o IdentityFile=/home/chronos/user/.ssh/id_rsa IdentityFile=home/chronos/user/.ssh/id_rsa.pub] also doesn't work
Mike Frysinger
Apr 29, 2022, 10:35:08 PM4/29/22
to Shawn Chacko, chromium-hterm
the files are stored in internal Chrome storage. it's not an actual file in the filesystem. only Chrome knows how that works.
extensions, by design, don't have direct access to files in the real filesystem.
-mike
--
You received this message because you are subscribed to the Google Groups "chromium-hterm" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-hter...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-hterm/fc9e115b-4366-48cc-a4fa-9f1bc2e798f1n%40chromium.org.
Shawn Chacko
Apr 29, 2022, 10:59:28 PM4/29/22
to chromium-hterm, vap...@chromium.org, chromium-hterm, Shawn Chacko
ok thanks for the info.
i did some further digging and found this https://chromium.googlesource.com/apps/libapps/+/HEAD/nassh/doc/FAQ.md#can-i-connect-using-a-public-key-pair-or-certificate
i pasted the relevant info here if you're interested:
This will import your public/private key files into the HTML5 filesystem associated with Secure Shell. There should be no way for another extension, app, or web page to access this sandboxed filesystem.
Keep in mind that HTML5 filesystems are relatively new. As always, it's possible that there are still exploits to be found or disclosed.
Additionally, Chrome stores HTML5 filesystems as normal files (with mode 600, “-rw-------”) under your profile directory. Non-Chrome applications on your system may be able to access these files.
For your own good, protect your important private keys with a strong passphrase.
Keep in mind that HTML5 filesystems are relatively new. As always, it's possible that there are still exploits to be found or disclosed.
Additionally, Chrome stores HTML5 filesystems as normal files (with mode 600, “-rw-------”) under your profile directory. Non-Chrome applications on your system may be able to access these files.
For your own good, protect your important private keys with a strong passphrase.
Reply all
Reply to author
Forward
0 new messages