InsideDarkWeb.com

How can I safely use Get-Credential to obtain a username and password for a set period of time for use as command line arguments?

Credentials in the form of SSH keys can be stored in memory using SSH Agent; However, if clicking the wrong link, or running a malicious program they can also be snatched from memory and sent somewhere else; which is why ssh-add offers the -t option to specify how long keys will be kept in memory before one is required to reload them hopefully using a passphrase.

Powershell has simalar functionality using secure strings but we are discouraged from using it, especially when writing credentials to disk; but Powershell offers another option in which you can prompt a user for their username and password, store it in a variable that will last the length of the powershell session: https://stackoverflow.com/questions/47069785/use-encrypted-password-for-plink-putty

Is it possible to unload credentials gathered from Get-Credentials from memory after a set period of time, similar to ssh-add?

Information Security Asked on November 11, 2021

0 Answers

Add your own answers!

Related Questions

What’s a “safe” URL shortening algorithm?

3  Asked on December 31, 2020 by bensower

   

Securing internet connection with hostile ISP

1  Asked on December 29, 2020 by user242761

       

Is Chrome Browser/ Computer compromised by KMSPico?

0  Asked on December 27, 2020 by waterbyte

         

Web Cache Deception – exploitable without a cache server?

1  Asked on December 26, 2020 by citylight

 

Determine if private key belongs to certificate?

3  Asked on December 25, 2020 by thanatos

     

Filtering http responses for subdomain takeover

0  Asked on December 21, 2020 by kirill-z

 

Sql map Manual Vulnerability Assessment

1  Asked on December 20, 2020 by badddy

         

Unknown folders in OneDrive

1  Asked on December 19, 2020 by user851

     

Ask a Question

Get help from others!

© 2021 InsideDarkWeb.com. All rights reserved.