#+title: Password Security in Emacs Terminal Emulators
#+author: Robert McIntyre
#+email: rlm@mit.edu
#+description: emacs terminal password security
#+keywords: emacs, password, security, term
#+SETUPFILE: ../../aurellem/org/setup.org
#+INCLUDE: ../../aurellem/org/level-0.org
#+babel: :mkdirp yes :noweb yes :exports both

I use emacs for everything -- email, programming, document
preparation, planning... You name it, I do it! One thing which I use
emacs for is terminal emulation: you create a buffer in emacs and
enter commands into it as if the buffer were a terminal. Good terminal
emulation packages for emacs include =multi-term= and =term=.

* Watch Out for =view-lossage=!
If you use terminal emulation in emacs, you have to be careful around
"sudo" prompts and when logging in to other servers with ssh, because
/the last 300 keystrokes you have typed in emacs are available/ via
=C-h l=, the help command =view-lossage=, which displays the last
keypresses you have typed, regardless of which buffer received them.

#+begin_example
C-h l runs the command view-lossage, which is an interactive compiled
Lisp function in `help.el'.

It is bound to C-h l, <help> l.

(view-lossage)

Display last 300 input keystrokes.
#+end_example

Let's say my password is "sup3r-seekrit#7".

I open an emacs terminal using =M-x multi-term=, then do the following

#+begin_example
[~] $ ssh rlm@linerva.mit.edu
Password: 

Welcome to Linerva, the SIPB Linux dialup for MIT.
Linerva runs Debathena on Debian squeeze.
 http://linerva.mit.edu                           for more information
 blanche linerva-announce -a $USER          # for outage announcements
 linerva@mit.edu              (not IS&T) for questions and bug reports

Last login: Mon Mar  4 12:53:23 2013 from ella.csail.mit.edu
rlm@dr-wily:~$ exit
logout
Connection to linerva.mit.edu closed.
#+end_example

Now, when I type =C-h l=, I can see this:

#+begin_example
s s h SPC r l m @ l i n e r v a . m i t . e d u <return>
s u p 3 r - s e e k r i t # 7 <return> e x i t C-h l
#+end_example

Needless to say, this is a security problem: anyone who can press
=C-h l= in your emacs session, whether at your keyboard or by running
commands in the process, can read the password in clear text long
after the terminal has scrolled the prompt away.

* Solutions to this problem

 - If you never type your password into an emacs terminal buffer, then
   you are not at risk. This can be accomplished by using ssh keys or
   Kerberos for connecting to remote servers, and by enabling
   passwordless sudo.

 - You can clear the record right after typing a password with
   =M-: (clear-this-command-keys)=, which empties the keystroke vector
   that =view-lossage= displays; this is the remedy that comint's
   =send-invisible= docstring itself points to. Turning the recording
   off entirely is not offered as a user option, and if you did it
   anyway you would lose =view-lossage= along with the risk.

 - If there's no way for an attacker to run commands in your emacs
   process, then your passwords are safe from remote snooping. Still,
   you run the risk of someone physically near your computer using this
   method to view your password, as well as inadvertently exposing your
   password when showing someone what =view-lossage= does!
rlm@9: 
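As an added example (not code from the original post), the following
Emacs Lisp does what the second bullet describes for a =term= or
=multi-term= buffer: it reads the password with =read-passwd=, so the
characters never echo into the terminal, sends it to the buffer's
process, and then wipes the keystroke record with
=clear-this-command-keys=. The names =my-term-send-password= and
=my-lossage-contains-p= are the example's own; the second is a check
you can run afterwards to confirm that a given string is no longer in
what =C-h l= would show. Emacs's own =send-invisible= (comint) and its
term counterpart =term-send-invisible= handle the hidden reading, but,
as the comint docstring warns, leave the keys recoverable through
=view-lossage= until the record is cleared.

```elisp
;; Added example, not from the original post: send a password to the
;; process in a term/multi-term buffer without leaving it in the
;; keystroke record that `view-lossage' (C-h l) displays.
;;
;; Two things protect the secret:
;;  1. `read-passwd' collects it in the minibuffer with the characters
;;     hidden, so nothing is echoed into the terminal buffer.
;;  2. `clear-this-command-keys' empties the vector that `view-lossage'
;;     and `recent-keys' report, so the keystrokes (including the M-x
;;     that invoked this command) are gone afterwards.
;; The command name `my-term-send-password' is this example's own.

(defun my-term-send-password ()
  "Prompt for a password and send it to the process in the current buffer.
A newline is appended.  Afterwards the record of recent keystrokes is
cleared so that C-h l no longer shows the password."
  (interactive)
  (let ((proc (get-buffer-process (current-buffer)))
        (password (read-passwd "Password (not echoed, not logged): ")))
    (unless proc
      (error "No process in buffer %s" (buffer-name)))
    (unwind-protect
        (process-send-string proc (concat password "\n"))
      ;; Runs even if sending fails: zero the string in place and drop
      ;; the keystroke record.
      (clear-string password)
      (clear-this-command-keys))))

(defun my-lossage-contains-p (secret)
  "Return t if SECRET occurs among the character events `view-lossage' shows.
Non-character events (mouse clicks, keys with the meta bit) are skipped.
Example check after a login: (my-lossage-contains-p \"sup3r-seekrit#7\")."
  (let (chars)
    (mapc (lambda (event)
            (when (characterp event) (push event chars)))
          (recent-keys))
    (and (string-match-p (regexp-quote secret)
                         (apply #'string (nreverse chars)))
         t)))

;; Usage: in a multi-term buffer sitting at an ssh or sudo prompt, run
;; M-x my-term-send-password (switch to line mode with C-c C-j first if
;; your setup does not pass M-x through in char mode).  Afterwards C-h l
;; shows only the keys typed since the clear, and
;;   (my-lossage-contains-p "the-password-you-typed")
;; returns nil, whereas typing the password straight into the terminal
;; makes the same call return t.
```

=clear-this-command-keys= wipes the whole record, not just the
password, so run it immediately after the secret has been sent rather
than at the end of a long session; anything typed in between would
otherwise survive in =C-h l=.
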
* Source Listing
#+html: <ul> <li> <a href="../org/emacs-password.org">This org file</a> </li> </ul>
