#+title: Password Security in Emacs Terminal Emulators
#+author: Robert McIntyre
#+email: rlm@mit.edu
#+description: emacs terminal password security
#+keywords: emacs, password, security, term
#+SETUPFILE: ../../aurellem/org/setup.org
#+INCLUDE: ../../aurellem/org/level-0.org
#+babel: :mkdirp yes :noweb yes :exports both

I use emacs for everything -- email, programming, document preparation,
planning... You name it, I do it! One thing which I use emacs for is
terminal emulation, which is where you create a buffer in emacs where
you can enter commands as if the buffer were a terminal. Good terminal
emulation packages for emacs include =multi-term= and =term=.

* Watch Out for =view-lossage=!

However, if you are going to use terminal emulation in emacs, you have
to be careful around "sudo" prompts, and when logging into other
servers using ssh, because /the last 300 keystrokes you have typed in
emacs are available/ using =C-h l=, a help function in emacs which
displays the last keypresses you have typed.

#+begin_example
C-h l runs the command view-lossage, which is an interactive compiled
Lisp function in `help.el'.

It is bound to C-h l, l.

(view-lossage)

Display last 300 input keystrokes.
#+end_example

Let's say my password is "sup3r-seekrit#7". I open an emacs terminal
using =M-x multi-term=, then do the following:

#+begin_example
[~] $ ssh rlm@linerva.mit.edu
Password:
Welcome to Linerva, the SIPB Linux dialup for MIT.
Linerva runs Debathena on Debian squeeze.

http://linerva.mit.edu for more information
blanche linerva-announce -a $USER # for outage announcements
linerva@mit.edu (not IS&T) for questions and bug reports

Last login: Mon Mar 4 12:53:23 2013 from ella.csail.mit.edu
rlm@dr-wily:~$ exit
logout
Connection to linerva.mit.edu closed.
#+end_example

Now, when I type =C-h l=, I can see this:

#+begin_example
s s h SPC r l m @ l i n e r v a . m i t . e d u s u p 3 r - s e e k r i t # 7 e x i t C-h l
#+end_example

Needless to say, this can be a security vulnerability.

* Solutions to this problem

- If you don't ever type your password into an emacs terminal buffer,
  then you are not at risk. This can be accomplished by using ssh
  keyfiles or Kerberos for connecting to remote servers, and by
  enabling passwordless sudo.

- You can disable emacs keylogging, though you then won't be able to
  use the =view-lossage= command anymore.

- If there's no way for an attacker to get into your emacs process,
  then your passwords are safe. Still, you run the risk of someone
  physically near your computer using this method to view your
  password, as well as inadvertently exposing your password when
  showing someone what =view-lossage= does!

* Source Listing
#+html:
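A middle road between the solutions above is to keep the password out of the keystroke record in the first place: read it through =read-passwd=, which clears the record as each character is typed, and hand the result straight to the terminal process. The following Emacs Lisp is an added example written for this article, not code from the original post or from term.el/multi-term; the command name, the =C-c C-p= binding and the =my-lossage-contains-p= check are my own choices.

```elisp
;; Added example; not part of the original article or of term.el/multi-term.
;; Assumes a live buffer in `term-mode' (multi-term buffers qualify).
(require 'term)

(defun my-term-send-password ()
  "Read a password without echo and send it to this buffer's process.
`read-passwd' calls `clear-this-command-keys' for every character typed,
so the password never reaches the 300-keystroke record that
`view-lossage' (C-h l) displays."
  (interactive)
  (let ((proc (get-buffer-process (current-buffer))))
    (unless (and proc (derived-mode-p 'term-mode))
      (user-error "Not in a live term buffer"))
    (let ((pw (read-passwd "Password (kept out of lossage): ")))
      (term-send-raw-string pw)
      ;; Carriage return is what the Enter key sends to the pty.
      (term-send-raw-string "\r")
      ;; Overwrite the Lisp string so the secret does not linger on the heap.
      (clear-string pw)
      ;; Also drop the keys that invoked this command itself.
      (clear-this-command-keys))))

;; Bind it in char mode, where the terminal otherwise receives raw keystrokes.
(define-key term-raw-map (kbd "C-c C-p") #'my-term-send-password)

(defun my-lossage-contains-p (secret)
  "Return non-nil if SECRET appears, character by character, in `recent-keys'.
Run it after sending a password: it should return nil.  Non-character
events (function keys, modified keys) are replaced by a space."
  (let ((typed (mapconcat (lambda (ev) (if (characterp ev) (string ev) " "))
                          (recent-keys) "")))
    (string-match-p (regexp-quote secret) typed)))
```

Evaluate =(my-lossage-contains-p "sup3r-seekrit#7")= after using the command with the article's sample password and it returns nil, whereas typing the password directly into the terminal makes it return a match position.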