Requesting a password when connecting to the server

[akela76]

Hello.
Could you make the GUI prompt for the account password when connecting to Transmission?
I sometimes connect to my home NAS from my work computer, so I don't want to show anyone, even accidentally, the contents of my torrent client. Now you need to specify a password in the settings to connect, it's not always convenient.

[qu1ck]

I don't think the GUI client is the right place to enforce this kind of security.

If you are worried about someone seeing contents of your server you shouldnt be accessing it from a computer that others have full access to. There are too many ways they can snoop on your activity and since it's your work pc they will have full legal right to do it too.

The only more or less secure way to do it is to use your transmission server behind a ssl terminated proxy with strict hsts headers and to access it use a browser with compiled in tls support that you bring yourself (not one preinstalled on work pc). Even then I'd be wary of keyloggers and such so if you want to go full paranoid then add a physical 2 factor auth key or otp generator.

If you don't want to go through all the trouble and don't think someone is actually interested in deliberately accessing your server and all you want is a small hurdle to prevent the most casual of snoopers then I'd suggest simply accessing your server through web. You can install TrguiNG as a web interface and transmission supports basic http auth so you will be asked a password every time you access the page.

Beware though, unless you have an ssl reverse proxy in front of your server, that password is sent over the web in plain text (this is true regardless if you use web interface or a gui client like TrguiNG).

[qu1ck]

Another relatively easy and secure option is to not expose your transmission to internet at all, instead use ssh tunneling. Forward a port when you connect to your server with ssh and use TrguiNG or to connect through that tunnel. That way you get strong encryption and password auth every time you need access, provided you setup your ssh server right.

[akela76]

ОК, thanks