Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > Secure Shell

Reply
 
Thread Tools Display Modes
  #1  
Old 04-18-2015, 10:54 AM
SET SET is offline
Registered User
 
Join Date: Jun 2009
Posts: 13
Angry A lengthy rant about the New Host Key window

I've never been a big fan of SecureCRT's New Host Key window ever since I started using it with version 5 or something, but since Tab support got added (which is great, don't get me wrong on that) this window got a lot worse.

First of all, to demonstrate what I'm talking about, here's a screenshot of the thing:

This is what I believe is called a "modal window". This means that this window is displayed above the entire application and blocks interaction with it while it's active.

So if I'm busy writing text into tab A and in the background tab B got disconnected and hit this condition on reconnect then it demands my immediate attention, even though chances are I don't care at all right now.
Also, if I was typing something than I will probably continue typing at least a few characters into this window before I notice that it got in my way. If one of these characters was "s", "o", space or enter then I actually accidentally accepted this key! If that were an actual MitM then that would have been pretty terrible.
Additionally, while this window blocks all user interaction with SecureCRT, the program itself continues working. So if I'm not at my PC then the ssh server on the other end will time out my incomplete login after two minutes and then SecureCRT will retry the login after 5 seconds, hitting this problem again and displaying another modal window on top of that. So once I come back to my PC a few hours later there will be a pretty impressive stack of these windows that I have to click through to get back to working. At this point using the Windows task manager to force close SecureCRT and restarting it is the fastest way to accomplish that.

The next problem is the content of this window. It begins with the title: New Host Key. This is wrong, you are complaining about a new IP address, not a new host key.
Next, this is an alias which resolves to different hosts? Wrong again, this hostname resolves to exactly one IP address, as the DNS server clearly told you. This IP address changes occasionally. That's what DNS does, if it was static we would still be shipping host files like in the 70s.
After that, "It is recommended you verify your host key before accepting." Yes, this is good advice. Let me check SecureCRT's host key database to verify that. Oh wait, I can't, because this is a modal window so I'm not allowed to interact with SecureCRT until after I made this decision, which I can't make until I've interacted with SecureCRT.
But thinking about that, if the server's correct key is in the host key database then SecureCRT already knows what this host's key is supposed to be. So why aren't you telling me in this window?
Actually, if you already know what the correct host key is then you also know that this is the correct host key, so why are you bringing this window up in the first place.


So, tl;dr:
This should not be a modal window. It is only interesting in the context of a connection tab, so it should be only in that tab. (Same goes for the "Enter password" window, but that one has not nearly as many problems as this window, so it's not worth a rant.)
Additionally, it should not appear at all if the only thing that happen is that the server changed its IP address. SecureCRT knows what host key belongs to which host name (which is the only real important thing here) and the IP address is completely incidental and irrelevant to that.
Attached Images
File Type: png NewHostKey.png (29.7 KB, 711 views)
Reply With Quote
  #2  
Old 04-18-2015, 03:27 PM
rtb rtb is offline
VanDyke Technical Support
 
Join Date: Aug 2008
Posts: 4,306
Hi Set,

Thanks for the feedback. I have created a feature request to improve the host key dialog and make it non-modal.

We will post here if we make a change in the future.

If you would like to be notified directly, please complete and submit the form at the following location:
Submit Feature Request
__________________
--Todd

VanDyke Software
Technical Support
support@vandyke.com
505-332-5730
Reply With Quote
  #3  
Old 04-22-2015, 09:59 AM
Olaf van der Spek Olaf van der Spek is offline
Registered User
 
Join Date: Jul 2004
Posts: 178
Quote:
Originally Posted by SET View Post
At this point using the Windows task manager to force close SecureCRT and restarting it is the fastest way to accomplish that.
Holding down Escape might work as well.

Good suggestion though, I don't like this window either.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 04:14 AM.