As in most Python debuggers, in Winpdb, communication between Debugger and Debuggee is done via Internet sockets. This communication is protected with a password which is used as the basis for a hashing/encryption key. Such keys are never stronger than the password itself, and a short or simple password means a weak key.
Authenticated and Encrypted Communication
By default the socket communication is authenticated and optionally encrypted. Encryption is performed only if the python-crypto Cryptographic Toolkit is installed. Encryption can be forced with the -e command line flag. In this mode a debugge will only accept encrypted connections.
If a debug session is launched from Winpdb without having set a password, a pseudo random password will be generated transparently, without interrupting the user.
Remote Connections Denial
By default, the debuggee denies remote connections, and only accepts debugger connections from the local host. However, the debuggee can be set to accept connections from remote machines with the -r flag.
Command Line Flags:
-e - Force encrypted connections -p <password> - Set communication password -r - Allow connections from remote machines.
The password flag is only supported on Windows systems.
remote - Get or set the allow remote connections mode.
password - Get or set the password that governs connections.
To set the password, click File->Password
If a password has not been set when the attach command is first invoked, the password dialog will pop up automatically.