Your best friend for file transfer.

Fetch application logoFetch

shortcuts file loses passwords (4 posts)

  • Started 16 years ago by eb
  • Latest reply 16 years ago from Scott McGuire
  • eb Member

    I use a shared shortcut file on a server. Several computers access this file and have for some time with no troubles.

    After updating all machines to Fetch version 5.2.1 yesterday only one machine can see the passwords in the shortcuts file. All others see no password when the properties of the shortcut is viewed.

    When I open the shortcuts file on the machine that can read the passwords and try to save as a new shortcuts file to a new name on the server I get the message of "The action could not be completed because an error occurred. Mac OS error -50."

    Any other program can save into the same directory that this shortcut file is in without a problem. This is being saved to a SMB volume from a OS X 10.4.10 machine.

    Any help is appreciated.

    Posted 16 years ago #

  • Scott McGuire Administrator

    Hi,

    There are two separate issues here - the shortcut passwords can only be found on one Mac, and the problem saving the shortcuts file to a new file.

    First, the shortcut passwords.

    The reason the Macs no longer know about the passwords for the shortcuts is that as of Fetch 5.1, Fetch no longer stores the passwords in the shortcuts file - instead the passwords are stored in the Mac OS X keychain.

    While older versions of Fetch stored passwords directly in the shortcut file, they did so using fairly weak encryption. So to provide better security for your passwords, we switched Fetch to store them in the Mac OS X keychain. When you updated to Fetch 5.2.1, all the passwords were automatically moved from the shortcuts file to the keychain.

    Unfortunately, the tradeoff for better security is that when you copy the shortcuts file to another computer, the passwords are not copied with it, because they are stored separately, in the keychain of the Macintosh the shortcut file was created on (or on the Mac that you upgraded from an older version of Fetch on).

    So, you will need to re-enter the passwords on the other Macs, at which point they will be stored in the keychain on those Macs. We realize this change in Fetch behavior is causing you some inconvenience, and we apologize, but we felt the additional security benefits of using the keychain outweighed the drawbacks.

    If you want to transfer the contents of a keychain from one Mac to another, you could investigate using .Mac syncing to sync keychains, or read this article from Apple's support knowledge base about backing up and restoring keychains. Note that the keychain may also contain a user's passwords from other applications, such as passwords for websites used in Safari, in addition to Fetch passwords, so you should think very carefully before replacing the keychain from one Mac with another - since you may not want the other password information to be transferred from Mac to Mac.

    The reason the passwords still work on one Mac is that is probably the machine you first upgraded to Fetch 5.2.1; so on that Mac, the passwords were moved out of the shortcut file and into that Mac's keychain; from that point on, the upgraded shortcut file on the server did not contain passwords.

    In regards to the error saving a new shortcut file to the server... we are not sure why you're getting an error doing that, and we'd like some more information.

    Could you please do the following?

    Try to save the shortcuts file to a new file on the server again. After you get the error, please email us the console log file, which will contain detailed information about the error. To do this:

    * Run the Console application (inside the Utilities folder of your Applications folder).
    * Choose File > Open Console Log
    * Hold down the Command key, and click on the title of the console.log window, which will display a path pop-up.
    * Choose the folder just below "console.log" in the title. This will open the folder containing the console.log file in the Finder.
    * Then, please email the "console.log" file (you don't need to send the other files with numbers at the ends of their names) along with a brief description of the problem you were having ("trying to save a shortcuts file to an SMB volume") to:

    bugs at fetchsoftworks dot com

    Thanks!

    And please let us know if you have any more questions about the above.

    Scott McGuire
    Fetch Softworks

    Posted 16 years ago #

  • eb Member

    You should now have the log file at the email listed. Thanks

    As to the password handling :-(

    many machines - new addresses on regular basis - passwords get changed - lots of transfers that have to be done - central location allowed management across all shifts that rely on this.

    How else can I easily keep all users updated with new and changing addresses/passwords without dealing with each machine on a one by one basis?

    Posted 16 years ago #

  • Scott McGuire Administrator

    Hi,

    Yes, we received the log file, thanks. We'll investigate the problem and let you know if we need more information.

    In the meantime, you can work around the problem by saving the new shortcuts file to a local volume, and then copy it to the server using the Finder.

    Again, I apologize about the passwords, but as I said, we felt it was important to store them securely, and it didn't make sense to invent our own secure store when Apple provides one, and keeps it up to date and secure.

    One thing I forgot to note earlier is that if your users check the "Add to keychain" checkbox when entering a password, that password will be remembered on their machine and they will not need to enter it again.

    Two possible ideas for centralized management:

    You could probably use Apple Remote Desktop to push a standard keychain file to each Mac.

    You could create a webpage listing the passwords, and put that webpage on a secure, internal webserver, and require a password and an encrypted web connection to view the page. Then you can provide that one password for accessing the webpage to your users, they can look up the passwords they need on the webpage, and you could keep the webpage up-to-date.

    Again, we apologize for the inconvenience.

    Thanks,

    Scott McGuire
    Fetch Softworks

    Posted 16 years ago #

Reply

  • Or nickname, if you prefer.
  • This will be kept confidential.
  • This is to ensure that you’re a person, not a spambot.