Page 1 of 1

Winbox v3.16 released!

Posted: Mon Jul 02, 2018 2:35 pm
by strods
What's new in v3.16:

*) added back support for connecting to older RouterOS v6 versions;
*) fixed crash when connecting to newest RouterOS on MacOS wine;

If you experience version related issues, then please report them to support@mikrotik.com.

Winbox is available here:
http://www.mikrotik.com/download

If you try to upgrade directly from Winbox loader and version is not available, then you might need to wait for a while until cache in path between your device and our servers is refreshed.

Re: Winbox v3.16 released!

Posted: Mon Jul 02, 2018 4:20 pm
by Spidlacz
It still remains a problem when I run Winbox with the parameters. Winbox looks for neighbors even if there is no reason to do so.

Re: Winbox v3.16 released!

Posted: Mon Jul 02, 2018 4:58 pm
by tomaskir
*) added back support for connecting to older RouterOS v6 versions;
Does this mean that Winbox is again able to download and execute DLLs received from external sources?

Re: Winbox v3.16 released!

Posted: Mon Jul 02, 2018 5:28 pm
by R1CH
Hopefully it uses a whitelist approach and only executes DLLs with known hashes.

Re: Winbox v3.16 released!

Posted: Mon Jul 02, 2018 7:19 pm
by Sob
It's only older RouterOS v6. WinBox 3.15 didn't work with e.g. RouterOS 6.19 (probably others too). WinBox 3.16 works again. And no, support for dll-based versions didn't come back.

Re: Winbox v3.16 released!

Posted: Wed Jul 04, 2018 8:17 pm
by rtucci
Since Winbox v3.15 (also in v3.16), the "Quick Set" window is messed up. v3.14 shows the window as expected.
I'm using Windows 10 Pro Version 1709.
I've tried clearing the cache but this didn't make a difference.

Finally problem was fixed by deleting %AppData%\Roaming\Mikrotik\Winbox folder.

Re: Winbox v3.16 released!

Posted: Thu Jul 05, 2018 7:56 am
by nz_monkey
I have a crazy feature request.

Abandon the current GUI framework that WinBox is using and move to QT. Yes, I know it will be a LOT of work, but it will make life easier for Mikrotik developers, and allow Mikrotik to add more features in the long run.

Re: Winbox v3.16 released!

Posted: Thu Jul 05, 2018 9:43 am
by Kindis
I have a crazy feature request.

Abandon the current GUI framework that WinBox is using and move to QT. Yes, I know it will be a LOT of work, but it will make life easier for Mikrotik developers, and allow Mikrotik to add more features in the long run.
I would go even further and say please rewrite all to a Progressive WebApp (PWA). That will make it OS independent and also adjust better to screen size. Would also make the admin tool a lot more modern.

Re: Winbox v3.16 released!

Posted: Thu Jul 05, 2018 10:33 am
by chojrak11
I have a crazy feature request.

Abandon the current GUI framework that WinBox is using and move to QT. Yes, I know it will be a LOT of work, but it will make life easier for Mikrotik developers, and allow Mikrotik to add more features in the long run.
How did you guess they have any problem with this framework? :)
They just have more important priorities than "rewrites" of GUI tools. Like for example providing us with working WPA3 or adding features to RouterOS.
Green developers in their mid-20s would rewrite everything with no reason...
I would go even further and say please rewrite all to a Progressive WebApp (PWA). That will make it OS independent and also adjust better to screen size. Would also make the admin tool a lot more modern.
It'd be the worst decision ever made. Don't go that way, Mikrotik. I value the very lightweight tools you provide, their instant response times, low network requirements and high GUI update speeds. Web cannot provide that and you're gonna drown in endless JavaScript framework crap work and costly HTTP/Json garbage. Plus, instead of being 1.5 MB in size, it's going to be at least 500 MB. Please, don't even think about wasting your time with Electron or PWAs.

Re: Winbox v3.16 released!

Posted: Thu Jul 05, 2018 10:53 am
by complex1
@chojrak11

+1

Re: Winbox v3.16 released!

Posted: Thu Jul 05, 2018 10:59 am
by freemannnn
@chojrak11

+1

Re: Winbox v3.16 released!

Posted: Thu Jul 05, 2018 11:04 am
by vecernik87
JS dev here: Despite being fan of these PWA, electron and web technologies, this should be a no-go for manufacturer. Let them focus on CLI and API. Then, anyone can write web-like-interface, if he thinks it is going to be useful.

Re: Winbox v3.16 released!

Posted: Thu Jul 05, 2018 3:19 pm
by Sob
Don't touch my WinBox, or else! I don't know yet what else, I'm thinking about perhaps some haunting in dreams, which I can't do currently, but to avenge WinBox, I'd learn! :twisted:

Re: Winbox v3.16 released!

Posted: Thu Jul 05, 2018 3:46 pm
by Cha0s
Since v3.15 when opening a static IPv6 route that has a link-local gateway causes 100% cpu usage on winbox using Win7 x64.
With a global address as gateway there is not cpu usage.
In the meantime everything stops updating in Winbox (all other windows don't show new info)

If I leave it open for over a few seconds winbox will disconnect completely from the router.

v3.14 works without any issues.


Oh, and I agree. Don't you dare change Winbox to some stupid Electron app. Winbox is perfect as it is. We DON'T want it to change.

Re: Winbox v3.16 released!

Posted: Fri Jul 06, 2018 1:36 pm
by fatonkastrati
Hello everybody,
Nowadays I have problem connecting remotely as a user to mikrotik using winbox. Also problem to connect with webfig. In some Public IPs it works but in majority of them not. Do anybody have any informations about this issue?
The request of winbox is: could not connect to....IP!

Thanks,
Faton

Re: Winbox v3.16 released!

Posted: Fri Jul 06, 2018 2:42 pm
by karlisi
Hello everybody,
Faton
Start new topic, please! This is for problems with Winbox v3.16 only!

Re: Winbox v3.16 released!

Posted: Mon Jul 09, 2018 5:19 pm
by Steveocee
Don't touch my WinBox, or else! I don't know yet what else, I'm thinking about perhaps some haunting in dreams, which I can't do currently, but to avenge WinBox, I'd learn! :twisted:
+1 (except a little bit more passive aggressively)

Re: Winbox v3.16 released!

Posted: Mon Jul 09, 2018 7:56 pm
by R1CH
Winbox self-update is still vulnerable to MITM to execute arbitrary code. (ref: ticket 2018052822004611)

Re: Winbox v3.16 released!

Posted: Tue Jul 10, 2018 2:54 pm
by Kraken2k
The problem with "Click Reconnect, then Winbox window disappears and after exactly 30 seconds automatically disconnect from device with Connection lost window appearing again" still persist

(first time spotted in v3.14 viewtopic.php?f=21&t=134940&start=50#p665710)

Re: Winbox v3.16 released!

Posted: Wed Jul 11, 2018 2:16 pm
by pietroscherer
The problem with "Click Reconnect, then Winbox window disappears and after exactly 30 seconds automatically disconnect from device with Connection lost window appearing again" still persist

(first time spotted in v3.14 viewtopic.php?f=21&t=134940&start=50#p665710)
The same here, running Crossover / MacOS.

Re: Winbox v3.16 released!

Posted: Wed Jul 11, 2018 5:54 pm
by colinardo
Since v3.15 when opening a static IPv6 route that has a link-local gateway causes 100% cpu usage on winbox using Win7 x64.
Have the same symptom here in the CAPsMAN Channel-List. Sometimes when copying channel and editing either frequency name or other items for that channel, the dialog freezes and does not respond to entries (Win7 x64).

Best regards
@colinardo

Re: Winbox v3.16 released!

Posted: Wed Jul 11, 2018 6:04 pm
by pe1chl
I would welcome when the winbox-router connection is a little more patient in cases of network loss.
With brief network interrups, like an intermediate router rebooting or an access point re-associating or a PPPoE connection being re-made, the open winbox windows all fall back to the connection screen.
It would be nice when there was a configurable timeout or some option for patience in case of "network unreachable" replies. It could come back soon :-)

Re: Winbox v3.16 released!

Posted: Wed Jul 11, 2018 6:08 pm
by Cha0s
I would welcome when the winbox-router connection is a little more patient in cases of network loss.
With brief network interrups, like an intermediate router rebooting or an access point re-associating or a PPPoE connection being re-made, the open winbox windows all fall back to the connection screen.
It would be nice when there was a configurable timeout or some option for patience in case of "network unreachable" replies. It could come back soon :-)
+1

Especially now with winbox 3 that completely hides the whole window when disconnected so you cannot see what was happening at the time that got disconnected.

Winbox 2 would keep the window open with all windows inside as they were at the time of the disconnection (and rarely would completely exit on disconnect).

Re: Winbox v3.16 released!

Posted: Thu Jul 12, 2018 8:37 am
by amt
The problem with "Click Reconnect, then Winbox window disappears and after exactly 30 seconds automatically disconnect from device with Connection lost window appearing again" still persist

(first time spotted in v3.14 viewtopic.php?f=21&t=134940&start=50#p665710)
same... every one have this problem ?

Re: Winbox v3.16 released!

Posted: Thu Jul 12, 2018 10:40 am
by npero
Confirm some problem.

Re: Winbox v3.16 released!

Posted: Thu Jul 12, 2018 11:30 am
by sid5632
same... every one have this problem ?
Yep...

Re: Winbox v3.16 released!

Posted: Mon Jul 16, 2018 9:49 am
by alexvdbaan
The problem with "Click Reconnect, then Winbox window disappears and after exactly 30 seconds automatically disconnect from device with Connection lost window appearing again" still persist

(first time spotted in v3.14 viewtopic.php?f=21&t=134940&start=50#p665710)
same... every one have this problem ?
I have a CCR1009 (6.42.5) with a routed subnet connected through a cable connection and a fiber line through PPPoE. When I connect to my PPPoE fiber I get the 30 seconds disconnect. I also notice that my winbox stats (time/cpu/uptime) all remain on 00:00:00. When I connect to my cable connection on the same box this issue doesn't appear, my connection remains stable and I receive the winbox stats after 2 seconds. I also tested this on a RB3011 with 6.40.8 and fiber PPPoE, same issue: no stats and 30 second disconnect.

When downloading winbox 3.12 my connection to the PPPoE connections remain stable and I receive my winbox stats immediately, this goes for the CCR1009 & the RB3011

Re: Winbox v3.16 released!

Posted: Mon Jul 16, 2018 10:51 am
by pe1chl
That could well be an MTU issues. Those routed subnets on cable are in fact delivered as a VPN and have quite low MTU, like 1456 or so.
You need to set that on your interface or you will have strange issues.

Re: Winbox v3.16 released!

Posted: Mon Jul 16, 2018 11:17 am
by strods
We are aware of problem that Winbox disconnects after a small inactivity period if specific windows are opened. We will try to fix this problem as soon as possible.

Re: Winbox v3.16 released!

Posted: Tue Jul 17, 2018 12:34 pm
by Kickoleg
winbox 3.16 - impossible add ip address for bridge .. .immediately dissconnect without adding ip address ...
testing in this sitatution :
WAP LTE kit, SXT LTE kit coneecting throut the cable with port ether1 from laptop...
reset no defaults -> add bridge "Bridge" mode=no -> add port ether1 to bridge -> add ip address 192.168.X.1/24 -> imeediately dissconect without adding ip address
Version router 6.42.6
Very disappointed with the latest products Mikrotik ...

Re: Winbox v3.16 released!

Posted: Tue Jul 17, 2018 1:43 pm
by Chupaka
Are you sure you're not disconnected on "add port ether1 to bridge"? How do you connect to the router? I can't repeat such problem on my virtual ROS...

Re: Winbox v3.16 released!

Posted: Tue Jul 17, 2018 2:45 pm
by Kickoleg
Are you sure you're not disconnected on "add port ether1 to bridge"? How do you connect to the router? I can't repeat such problem on my virtual ROS...
I'm pretty sure ... disconnect if I add to bridge port i understand what mac-address changes ... and here situation when i add to bridge ip address it disconnect and not write ip address ...
And i have old winbox version 2.2.18 and i can configure ip address without problemm ....

Re: Winbox v3.16 released!

Posted: Tue Jul 17, 2018 3:39 pm
by Cha0s
Since v3.15 when opening a static IPv6 route that has a link-local gateway causes 100% cpu usage on winbox using Win7 x64.
Have the same symptom here in the CAPsMAN Channel-List. Sometimes when copying channel and editing either frequency name or other items for that channel, the dialog freezes and does not respond to entries (Win7 x64).

Best regards
@colinardo
And another place this bug occurs is when I have an EoIP tunnel and I click on the MTU field. It doesn't occur when adding a new EoIP tunnel, only when editing an existing one that doesn't have the MTU field configured yet.

Re: Winbox v3.16 released!

Posted: Wed Jul 18, 2018 3:40 am
by neyla12
Have the same symptom here in the CAPsMAN Channel-List too.

Re: Winbox v3.16 released!

Posted: Thu Jul 19, 2018 4:57 pm
by Cha0s
Yeah, the bug is present in many places.

IPv6 static routes with link-local gateways will cause 100% cpu and disconnect.
Editing and EoIP tunnel and setting the MTU (when not already set) will cause 100% cpu and disconnect.
Copying an SSTP Client interface will cause 100% cpu and disconnect.
Copying an OVPN Client interface will cause 100% cpu and disconnect.
Copying an EoIP interface will cause 100% cpu and disconnect.
Just opening any PPP secret will cause 100% cpu and disconnect.
And as mentioned (but I haven't tested it myself) also CAPsMAN Channel-List causes the same problem.

When I say 100% I mean winbox consumes 100% cpu (single core) on the host PC. Not ROS.

Re: Winbox v3.16 released!

Posted: Thu Jul 19, 2018 5:01 pm
by mrz
Win10 and linux+wine did not experience any of your listed problems.

Re: Winbox v3.16 released!

Posted: Thu Jul 19, 2018 5:07 pm
by Cha0s
On Win7 x64 the problems exist.

Re: Winbox v3.16 released!

Posted: Thu Jul 19, 2018 9:02 pm
by sid5632
I left a CHR with just the Dude Settings dialog open and closed Winbox.
When I re-opened it, it had the IP Settings dialog open instead.
This is perfectly repeatable across at least ROS 6.42.6 and 6.43rc44 so I conclude it's another Winbox problem.
Bizarre!

Re: Winbox v3.16 released!

Posted: Fri Jul 20, 2018 4:43 pm
by sell4bids
Have the same symptom here in the CAPsMAN Channel-List too.

Re: Winbox v3.16 released!

Posted: Wed Jul 25, 2018 8:10 am
by Jotne
Request for new function.

When you in Firewall select column to show, you get a long, long list.
It would be nice to have mouse scroll working, so I do not ned click on and on to get to the bottom.
So add Mouse Scroll to work everywhere.

Re: Winbox v3.16 released!

Posted: Wed Jul 25, 2018 9:49 am
by pe1chl
When you in Firewall select column to show, you get a long, long list.
It would be nice to have mouse scroll working, so I do not ned click on and on to get to the bottom.
So add Mouse Scroll to work everywhere.
I know what you mean, but you can use the End key to go to the end of the list quickly.
However, now that I have a new monitor (2560x1440) I do see the whole list at once :D
I have suggested before that this whole thing should be re-made: instead of the two-level fold-out menu
where you can select/unselect a single item at a time, the menu should open a multi-column dialog (solving
your problem) with all items + checkmark and OK/CANCEL button so you can select/unselect as many items
as you like and then confirm in one action.

Re: Winbox v3.16 released!

Posted: Wed Jul 25, 2018 10:30 am
by Jotne
I do agree that it should be rewritten.

END did not work,but UP arrow takes me to the bottom of the list, sine going one up scrolls around to the bottom :)

Re: Winbox v3.16 released!

Posted: Thu Jul 26, 2018 2:51 pm
by icedblind
In 3.16 version of Winbox, i still have problems to connect to 5.26 version of RouterOS rbs:
"ERROR: could not fetch index"
What log can i provide to debug more?

It is strongly recommended to read software changelog before an upgrade:
Sorry i've now realized my reading error, i understod that in 3.16 you were re-enabling back support for RouterOs "older than" v6.
My fault! Bye.

Re: Winbox v3.16 released!

Posted: Thu Jul 26, 2018 3:10 pm
by strods
It is strongly recommended to read software changelog before an upgrade:

viewtopic.php?t=132974

"abandoned support for connecting to older RouterOS versions (older than v6), no DLLs will ever be downloaded"

Re: Winbox v3.16 released!

Posted: Thu Jul 26, 2018 3:58 pm
by wardat79150
Hi there
My problem is in hotspot users ,when i login to mikrotik router by winbox go to users i found that some of users are making for them disable for alone outmaticly
and I enable them bake
after about 15 minutes I see them bake bisable alone
Please I need help
Thanks

Re: Winbox v3.16 released!

Posted: Thu Jul 26, 2018 6:06 pm
by Sob
"abandoned support for connecting to older RouterOS versions (older than v6), no DLLs will ever be downloaded"
You probably don't want to do it, but what about support for local dlls? A one-time download containing all 5.26 dlls that WinBox would be willing to use if available? Because there are some older devices that can't be upgraded to 6.x at all, or it's too heavy for them. It probably wouldn't be the perfect solution, because I guess there's no backward compatibility (5.26 dlls for other 5.x or even 4.x, ...), but better than nothing. Keeping older WinBox is of course an option, but it's a little annoying to remember which one needs to be used for given device. Or perhaps an option in new WinBox to open older one, when RouterOS < 6 is detected?

Re: Winbox v3.16 released!

Posted: Mon Jul 30, 2018 4:02 pm
by athanp
Hello,

can you please add columns Firmware & Software Version when we save [add/set] , it would help allot with winbox zero day attack .

regards

Athanasios Paloukis

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 12:11 am
by kibe
Did anybody tell me something...
Why winbox store saved passwords in plane text in his config files?
For eaxmple here c:\Users\<UserName>\AppData\Roaming\Mikrotik\Winbox\Addresses.cdb and settings.cfg.viw
Is it normal? Or maby someone crazy wrote this app?
At time, when we are discussing the 0-days vulnerability, someone can easily steal these files and receive passwords!

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 12:30 am
by pe1chl
It is your choice to keep passwords and not use a master password.
(although it is not optimal that that is the default setup)
Frankly I prefer that in such cases the passwords are plainly visible in the file and not stored using
some obfuscation that makes you feel good when you view the file but that can easily be reversed
by people who know how it works.

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 8:22 am
by kibe
This is all controversy: master password or not mater password. Did you understand, how easy to steal and read this 2 files or you joking here?
If program of this kind does not protect passwords from simple reading by notepad - it's a deface against customers! Many "thanks"!

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 8:35 am
by normis
It's even in the manual:
Managed routers list is encrypted, but it can still be loaded in other winbox without problems IF the master password is not set for it!

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 11:05 am
by pe1chl
This is all controversy: master password or not mater password. Did you understand, how easy to steal and read this 2 files or you joking here?
If program of this kind does not protect passwords from simple reading by notepad - it's a deface against customers! Many "thanks"!
What do you mean it is easy to steal? First the computer you use would have to be compromised. It is not easy for you to read my file!
Then, if you value this information you should use a master password. You chose not to.
Then, when you configure your routers you should take measures so they are accessible only for you and other admins, using firewall.
So even when someone knows the passwords for your customers, he should not be able to login to their routers.

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 1:35 pm
by kibe
It's monstrous!
You're kidding, right?
I have never seen people that you say "You have shit on pants" and he said "they are new and clean."
I just said about the manufacturer's oversight, and you're proving to me that everything is perfectly well thought out.
Hilarious. (On salary in Mikrotik?)

In any program, such as Skype, ICQ, What's up, Thundebird etc (you know about the existence of such programs?), Passwords can not be read, even if they are saved. And do not need any master passwords.

If you can not steal files from someone else's computer - it doesn't mean that no one can. So why expose people to danger?

"you should, he should"
First of all, the manufacturer should take minimum efforts to protect customers. Mikrotik equipment is not cheapest.

Do not fool me. I have drawn my conclusions.
And if the manufacturer does not want to do anything - there are a lot of other manufacturers, more competent.
But who will return the money (and the damage after hacking)?

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 1:57 pm
by msatter
I had a problem that Winbox was shutting down after 35 seconds. I could extend this time by keeping kicking stuff in Winbox.
It would not display the uptime and clock And it only displayed zeroes. When opened health it onle displayed the buttons and after a few seconds it resized so that the values could be displayed.

The cause was that I changed in an addresslists entry and applied. The change window was kept open and was hidden by other windows. After a short time I reverted it and applied.

The troubles started and ended when I closed the obscured window. It was not pleasant 20 minutes before I found the cause.

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 2:05 pm
by joegoldman
Can the sort by GROUP function be fixed up so instead of grouping by the first letter it groups by the full group name? Makes it hard when you're trying to group by site and have a few sites that start with same name and they all group together under 'S' or 'B' or something.

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 2:22 pm
by Cha0s
It's monstrous!
You're kidding, right?
I have never seen people that you say "You have shit on pants" and he said "they are new and clean."
I just said about the manufacturer's oversight, and you're proving to me that everything is perfectly well thought out.
Hilarious. (On salary in Mikrotik?)

In any program, such as Skype, ICQ, What's up, Thundebird etc (you know about the existence of such programs?), Passwords can not be read, even if they are saved. And do not need any master passwords.

If you can not steal files from someone else's computer - it doesn't mean that no one can. So why expose people to danger?

"you should, he should"
First of all, the manufacturer should take minimum efforts to protect customers. Mikrotik equipment is not cheapest.

Do not fool me. I have drawn my conclusions.
And if the manufacturer does not want to do anything - there are a lot of other manufacturers, more competent.
But who will return the money (and the damage after hacking)?
LMAO

If you are such a power user (you must be. Your are using ICQ!) that is afraid to use winbox, then please, by all means, do not use it.
Then see how nobody give a s**t :D

Oh, and you can read the passwords of thunderbird or firefox JUST FINE.

edit: typos

Re: Winbox v3.16 released!

Posted: Thu Aug 02, 2018 3:57 pm
by pe1chl
In any program, such as Skype, ICQ, What's up, Thundebird etc (you know about the existence of such programs?), Passwords can not be read, even if they are saved. And do not need any master passwords.
You clearly have no understanding of the situation.
First, there is a big difference between the storage of passwords on a server (where they are used to authenticate the user) and on a client (where they are stored for convenience to the user).
The server can store a hashed password that cannot be reversed except by brute force.
The client cannot do that, it has to store the password itself as it needs that later to be sent to the server.

So the password has to be stored either:
1 - encrypted by a master password that can be used to decrypt it once required
2 - obfuscated (stored encrypted by a fixed password or algorithm)
3 - plaintext

Programs like thunderbird can use option 1 or 2, programs like winbox use option 1 or 3.
You may think that your password is safe in thunderbird when you are not using a master password, but IT IS NOT!!
Tools are available to get it from the file when the file has been stolen. You think you are safe because you cannot
do it using notepad, but the hacker who has stolen your file knows how to do it! Except when you used a master password.
It always has to be like this because the program itself has to be able to retrieve the plain password and it is only a matter
of time until the bad guys find out how that is done and replicate it.
In this case I prefer the option as used by winbox as now you are aware of the risk and in case of thunderbird you are not.

Re: Winbox v3.16 released!

Posted: Fri Aug 03, 2018 9:19 am
by normis
You can't encrypt the passwords without a master password. How would you decrypt them then? This applies to any program, where you have any data that needs to be encrypted. To encrypt something, you need to have a decryption key. This is the master password.

Yes, and as above people said, all your mentioned tools have easily readable passwords. You simply did not know that.

Re: Winbox v3.16 released!

Posted: Fri Aug 03, 2018 10:42 am
by msatter
You can't encrypt the passwords without a master password. How would you decrypt them then? This applies to any program, where you have any data that needs to be encrypted. To encrypt something, you need to have a decryption key. This is the master password.

Yes, and as above people said, all your mentioned tools have easily readable passwords. You simply did not know that.
I am a bit confused now al that talk about a Master password?

When I am thinking up a password and enter it twice it should be hashed and salted and that result is stored in the device.The device does not know the plain password and only the authorized users should know it. If an authorized user enters the correct password which is after hasing and salting a matched against the hashed and salted one in the device then only a yes or no is communicated. This is implemented since a short time if I am correct now backups need a password to be encrypt and that is not default the password for the device....great improvement!

If you let WinBox remember (Keep Password) your plain password because you don't want to enter it every time then it becomes the responsibility of the user.

Looked in the WiKi and it is something between devices....why don't use a method like SSH does. The second router has to confirm the key and store that. After that the Master has access to slave devices until that key is revoked. You can even encrypt the traffic between the two devices with it.

Re: Winbox v3.16 released!

Posted: Fri Aug 03, 2018 11:47 am
by pe1chl
I am a bit confused now al that talk about a Master password?

When I am thinking up a password and enter it twice it should be hashed and salted and that result is stored in the device.
It would be better when you first read all articles. I have explained above what is the difference between that and the passwords in winbox, thunderbird and other client software. And Normis also confirmed that.
why don't use a method like SSH does. The second router has to confirm the key and store that. After that the Master has access to slave devices until that key is revoked. You can even encrypt the traffic between the two devices with it.
That is not more secure than that is done now. User kibe is worried that when someone would steal his file with saved passwords the attacker would be able to login to his routers. In your scenario that would be equal to the attacker stealing the file with your secret key (of which you have installed the public key on the router) and again the attacker would be able to login to your router. No difference.

Re: Winbox v3.16 released!

Posted: Fri Aug 03, 2018 12:27 pm
by msatter
I also wrote,
If you let WinBox remember (Keep Password) your plain password because you don't want to enter it every time then it becomes the responsibility of the user.
Winbox should not keep any passwords when Keep Passwod is not selected for the setting gor that specific device. I can't image that is the case so, Kibe it is your own choice.

A stolen private key is of course a weak point of all encryption setups. You could set a password to use the PK and better not store that password on your system.

https://www.digitalocean.com/community ... nux-server

Maybe support those USB key sticks. No stick inserted in the computer if you are using winbox not access.

Re: Winbox v3.16 released!

Posted: Fri Aug 03, 2018 11:34 pm
by msatter
OK I was thinking of the communication between routers and the Master Password is about saving the configs in a file on your computer so you can transfer to an other instance of Winbox.

I was wrong!

So looking at what it is and how it works and the options. Looking at the password interface I can only complain about having the password in there that opens all that WBX config files that are saved with that password. The possibility to save without an password should be only be possible if also the passwords for the routers themselves is used looks for me a basic step.

The text on the button is "Set Master Password" if there is a password present or not. It would be clearer if there is a password present to change the text on the button to "Change Master Password".

So now Winbox is always communicating secure since 3.16 I have a question how the password entered in Winbox is communicated with the router. Is it correct that I assume that first the secure connection is completed before the password or his hash is transferred?

Re: Winbox v3.16 released!

Posted: Tue Aug 07, 2018 1:11 am
by k6ccc
If you go to the software download page and select Winbox, the dropdown shows 3.17, but that results in a 404 error. Might want to fixed the webpage - either that or 3.17 is about to be released about the time I post this message :)

Re: Winbox v3.17 released!

Posted: Tue Aug 07, 2018 9:00 am
by Jotne