CODEWITHSUNDEEP
c#sshmauipassword-encryptionpassword-storage
Roman V
Roman V

Reputation: 15

A secure way to store SSH credentials (MAUI / C# application)

I currently use Preferences to save all the other data I reuse in my application. So, when it comes to SSH credentials, host/port/username can be stored in plain-text, but what to do with the password?

        Preferences.Default.Set("hostname", entryHostname.Text);
        Preferences.Default.Set("port", int.Parse(entryPort.Text));
        Preferences.Default.Set("username", entryUsername.Text);

Can it be encrypted and stored as a string or a byte array?

Maybe serialize a ConnectionInfo object and save it as .json file?

What are the other options? How do the other applications store credentials in a secure way?

JuiceSSH or Raspicast as references

enter image description here enter image description here

Here is what Raspicast does with the SSH passwords: https://github.com/HaarigerHarald/raspicast/blob/3395f68a969376afba44ece3e4c9b2932c485c6b/src/main/java/at/huber/raspicast/utils/PasswordEncrypter.java

Upvotes: 1

Views: 503

Answers (2)

Jessie Zhang -MSFT
Jessie Zhang -MSFT

Reputation: 13803

Both Preferences and Secure storage could achieve the same result. And SecureStorage uses the Preferences API and follows the same data persistence outlined in the Preferences documentation.

However, data of SecureStorage is encrypted with the Android EncryptedSharedPreferences class, from the Android Security library, which wraps the SharedPreferences class and automatically encrypts keys and values.

So when it comes to security, SecureStorage is safer than Preferences.

For more information, you can check document Platform differences of SecureStorage and Limitations.

Upvotes: 2

Matin
Matin

Reputation: 536

There's no 100% secure way to store the important credentials locally without the risk of being compromised. Even if you try to encrypt the values, as long as it is done in the application and is a part of your app's code, it's not completely safe. You could try storing the important data in the cloud, and temporarily loading them in memory for usage, but this possibility depends on your application's context.

Also, the OS matters too. In Android and iOS, it's generally harder to extract apps saved data using applications or tools from outside.

Upvotes: 0

Related Questions