<div dir="ltr">So, basically, some CLI commands used to take as parameters passwords. For instance, "/tool fetch" and "/user add name=name password=pass". Thats generally a bad idea since other users can view the logs, and the password would be in clear text.</div>
<div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Mar 14, 2014 at 7:13 PM, Nigel Vander Houwen <span dir="ltr"><<a href="mailto:nigel@k7nvh.com" target="_blank">nigel@k7nvh.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I'm not sure what you're meaning there, but it's only impacting a situation where someone else has command line access to your modem. It's stored in the equivalent of .bash_history, and there was no way to clear it, so someone else could look and see. Now there is a way to clear it.<br>
<br>
Nigel<br>
K7NVH<br>
<div class="HOEnZb"><div class="h5"><br>
On Mar 14, 2014, at 5:12 PM, Dean Gibson AE7Q <<a href="mailto:hamwan@ae7q.net">hamwan@ae7q.net</a>> wrote:<br>
<br>
> Oh, OK; it's on the way out (radio to other machine), not the way in (other machine to radio)?<br>
><br>
> On 2014-03-14 17:09, Nigel Vander Houwen wrote:<br>
>> Older versions (5.x) of RouterOS had no way to clear the command line history, thus leaving your password in the logs for anyone with access to go and look at. 6.x has added a feature allowing you to clear the history, in theory resolving the issue.<br>
>><br>
>> Nigel<br>
>> K7NVH<br>
>><br>
>> On Mar 14, 2014, at 5:08 PM, Dean Gibson AE7Q <<a href="mailto:hamwan@ae7q.net">hamwan@ae7q.net</a>> wrote:<br>
>><br>
>>> The Wiki says, "NEVER type passwords using the command line interface (SSH/Terminal/Telnet). There is a known security breach here."<br>
>>><br>
>>> What is the issue?<br>
>>><br>
><br>
><br>
> _______________________________________________<br>
> PSDR mailing list<br>
> <a href="mailto:PSDR@hamwan.org">PSDR@hamwan.org</a><br>
> <a href="http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org" target="_blank">http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org</a><br>
<br>
<br>
_______________________________________________<br>
PSDR mailing list<br>
<a href="mailto:PSDR@hamwan.org">PSDR@hamwan.org</a><br>
<a href="http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org" target="_blank">http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><p><font face="arial, helvetica, sans-serif">Ryan Turner</font></p>
</div>