Re: Regarding feature "Option to skip Password-Dialog for identity file"

Hi Akshay,

On Tue, Sep 30, 2025 at 11:36 AM Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com>
wrote:

>
>
> On Tue, Sep 30, 2025 at 11:29 AM Aditya Toshniwal <
> aditya(dot)toshniwal(at)enterprisedb(dot)com> wrote:
>
>> Hi Akshay,
>>
>> Even if you show the password dialog for the first time, the above
>> scenarios are applicable.
>> For the context of showing the password prompt first time or not - I'm
>> suggesting we try first and then show the password prompt.
>>
>
> I tried that implementation, but what if the user doesn’t want a
> password prompt at all when the identity file has no password? Do you think
> the solution you provided fully meets the user’s requirements?
>
It will work the same as the existing flow. Users can proceed without
entering any password.

>
>> On Tue, Sep 30, 2025 at 11:16 AM Akshay Joshi <
>> akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
>>
>>> Hi Aditya,
>>>
>>> I already mentioned that I tried the same solution you suggested, but
>>> there are a few combinations where it’s unclear when exactly we should
>>> prompt for the tunnel password. For example, assuming an SSH tunnel with an
>>> identity file that does not have a password:
>>>
>>> 1.
>>>
>>> When a user connects to the server for the first time, the password
>>> dialog for the database server appears if the password has not been saved.
>>> If the user enters the wrong password, the error we receive is “SSHTunnel
>>> failed to create.” In this case, it’s unclear whether we should prompt for
>>> the tunnel password or not.
>>> 2.
>>>
>>> If the SSH tunnel fails to create for reasons other than
>>> authentication, the error from the sshtunnel library is not descriptive
>>> enough. Again, we don’t know whether prompting for the password is
>>> appropriate.
>>>
>>> Suppose we always prompt for the password after a connection attempt. In
>>> that case, the original issue remains; users don’t want to see a prompt if
>>> an identity file without a password is provided.
>>>
>>> That’s why I believe the solution I proposed is the simplest and most
>>> user-friendly: if users don’t want to be prompted, they can simply disable
>>> the prompt option from the server dialog.
>>>
>>> On Tue, Sep 30, 2025 at 10:33 AM Aditya Toshniwal <
>>> aditya(dot)toshniwal(at)enterprisedb(dot)com> wrote:
>>>
>>>> Hi Akshay,
>>>>
>>>> How about we prompt for password irrespective of what is the error from
>>>> sshtunnel library?
>>>> Try to connect without a password for identity file based, if any error
>>>> comes then ask for password along with displaying the error message. No
>>>> need to bother what the error is about.
>>>>
>>>> On Mon, Sep 29, 2025 at 7:27 PM Akshay Joshi <
>>>> akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
>>>>
>>>>> Hi Dave/Hackers,
>>>>>
>>>>> I am working on the feature "Option to Skip Password Dialog for
>>>>> Identity File" #6996
>>>>> <https://github.com/pgadmin-org/pgadmin4/issues/6996>.
>>>>>
>>>>> I initially tried implementing it so that the tunnel password would
>>>>> not be requested upfront, and would only be prompted on error. However, the
>>>>> *sshtunnel* library currently returns a generic error message, for
>>>>> which I have created an issue on the SSHTunnel GitHub repository #305
>>>>> <https://github.com/pahaz/sshtunnel/issues/305>.
>>>>>
>>>>> This approach introduces multiple scenarios for when to prompt for the
>>>>> tunnel password, making the code more complex and harder to maintain.
>>>>>
>>>>> *Proposed solution:*
>>>>> Add a new switch *"Prompt for password?"* in the server dialog under
>>>>> the *SSHTunnel* tab. By default, the switch is set to *false* and is
>>>>> enabled only when the authentication method is *Identity File*. See
>>>>> the screenshot below for reference.
>>>>> [image: Screenshot 2025-09-29 at 7.12.17 PM.png]
>>>>>
>>>>> Thoughts/suggestions?
>>>>>
>>>>>
>>>>> Akshay Joshi
>>>>>
>>>>> Principal Engineer | Engineering Manager | pgAdmin Hacker
>>>>>
>>>>> enterprisedb.com
>>>>>
>>>>> * Blog*: https://www.enterprisedb.com/akshay-joshi
>>>>> * GitHub*: https://github.com/akshay-joshi
>>>>> * LinkedIn*: https:// <http://goog_373708537>
>>>>> www.linkedin.com/in/akshay-joshi-a9317b14
>>>>>
>>>>
>>>>
>>>> --
>>>> Thanks,
>>>> Aditya Toshniwal
>>>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>>>> <https://www.enterprisedb.com/>
>>>> "Don't Complain about Heat, Plant a TREE"
>>>>
>>>
>>
>> --
>> Thanks,
>> Aditya Toshniwal
>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>> <https://www.enterprisedb.com/>
>> "Don't Complain about Heat, Plant a TREE"
>>
>

--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/>
"Don't Complain about Heat, Plant a TREE"