Re: Regarding feature "Option to skip Password-Dialog for identity file"

Hi Akshay,

Even if you show the password dialog for the first time, the above
scenarios are applicable.
For the context of showing the password prompt first time or not - I'm
suggesting we try first and then show the password prompt.

On Tue, Sep 30, 2025 at 11:16 AM Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com>
wrote:

> Hi Aditya,
>
> I already mentioned that I tried the same solution you suggested, but
> there are a few combinations where it’s unclear when exactly we should
> prompt for the tunnel password. For example, assuming an SSH tunnel with an
> identity file that does not have a password:
>
> 1.
>
> When a user connects to the server for the first time, the password
> dialog for the database server appears if the password has not been saved.
> If the user enters the wrong password, the error we receive is “SSHTunnel
> failed to create.” In this case, it’s unclear whether we should prompt for
> the tunnel password or not.
> 2.
>
> If the SSH tunnel fails to create for reasons other than
> authentication, the error from the sshtunnel library is not descriptive
> enough. Again, we don’t know whether prompting for the password is
> appropriate.
>
> Suppose we always prompt for the password after a connection attempt. In
> that case, the original issue remains; users don’t want to see a prompt if
> an identity file without a password is provided.
>
> That’s why I believe the solution I proposed is the simplest and most
> user-friendly: if users don’t want to be prompted, they can simply disable
> the prompt option from the server dialog.
>
> On Tue, Sep 30, 2025 at 10:33 AM Aditya Toshniwal <
> aditya(dot)toshniwal(at)enterprisedb(dot)com> wrote:
>
>> Hi Akshay,
>>
>> How about we prompt for password irrespective of what is the error from
>> sshtunnel library?
>> Try to connect without a password for identity file based, if any error
>> comes then ask for password along with displaying the error message. No
>> need to bother what the error is about.
>>
>> On Mon, Sep 29, 2025 at 7:27 PM Akshay Joshi <
>> akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
>>
>>> Hi Dave/Hackers,
>>>
>>> I am working on the feature "Option to Skip Password Dialog for Identity
>>> File" #6996 <https://github.com/pgadmin-org/pgadmin4/issues/6996>.
>>>
>>> I initially tried implementing it so that the tunnel password would not
>>> be requested upfront, and would only be prompted on error. However, the
>>> *sshtunnel* library currently returns a generic error message, for
>>> which I have created an issue on the SSHTunnel GitHub repository #305
>>> <https://github.com/pahaz/sshtunnel/issues/305>.
>>>
>>> This approach introduces multiple scenarios for when to prompt for the
>>> tunnel password, making the code more complex and harder to maintain.
>>>
>>> *Proposed solution:*
>>> Add a new switch *"Prompt for password?"* in the server dialog under
>>> the *SSHTunnel* tab. By default, the switch is set to *false* and is
>>> enabled only when the authentication method is *Identity File*. See the
>>> screenshot below for reference.
>>> [image: Screenshot 2025-09-29 at 7.12.17 PM.png]
>>>
>>> Thoughts/suggestions?
>>>
>>>
>>> Akshay Joshi
>>>
>>> Principal Engineer | Engineering Manager | pgAdmin Hacker
>>>
>>> enterprisedb.com
>>>
>>> * Blog*: https://www.enterprisedb.com/akshay-joshi
>>> * GitHub*: https://github.com/akshay-joshi
>>> * LinkedIn*: https:// <http://goog_373708537>
>>> www.linkedin.com/in/akshay-joshi-a9317b14
>>>
>>
>>
>> --
>> Thanks,
>> Aditya Toshniwal
>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>> <https://www.enterprisedb.com/>
>> "Don't Complain about Heat, Plant a TREE"
>>
>

--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/>
"Don't Complain about Heat, Plant a TREE"