Webtop 5 cloud storage integration credentials security

Hi.

I haven’t posted anything here for a long time because Nethserver is so good!

I have a question regarding the security of the credentials supplied when adding a resource in the Webtop 5 cloud integration tab.

https://docs.nethserver.org/en/v7/webtop5.html#nextcloud-integration

I am particularly interested in a SFTP or CIFS resource (not Nextcloud), although I imagine the way these credentials are saved would be the same. Once you populate the input boxes for username & password, how are these values stored?

The reason for my question is that I would like to allow my users to access internal network files (on the same network as our Nethserver installation) from the Webtop 5 GUI but not if it poses a security risk.

Let’s see if @gabriele_bulfon @Amygos or @lucag can answer on it!

Hi @Greg,
data are saved on PostgreSQL database but at the moment they are in plain text:

webtop5=# select * from vfs.stores where provider = 'smb';
 store_id | domain_id  | user_id  | built_in | provider |   name   |                          uri                          | parameters 
----------+------------+----------+----------+----------+----------+-------------------------------------------------------+------------
       84 | NethServer | federico |        0 | smb      | Test smb | smb://DOMAIN%5Cfederico:testpassword@10.100.100.1/it/ | 
3 Likes

Thank you Federico.

1 Like