Question about ssh-add...
Andrew Stribblehill
a.d.stribblehill at durham.ac.uk
Tue Feb 20 20:35:14 EST 2001
Quoting Volker Paulsen <paulsen at orbiteam.de>:
> Evenin',
>
> I would like to know, why "OpenSSH ssh-add" doesn't support the -p
> (pipe) option of "Ssh-1.2.X shh-add"? I used it several time within
> scripts, like
>
> ./whisperpassphrase | ssh-add -p
>
> Well, I know this is some kind of security by obscurity, but this has
> been proven to be handy.
You could easily do this to the same effect:
$ cat whisperpassphrase
#! /bin/sh
#
echo 'secret hax0r passphrase'
$ SSH_ASKPASS=./whisperpassphrase ssh-add <&-
Identity added: /home/foo/.ssh/identity (foo at bar)
In my opinion, it's better to make people /think/ about whether
they really need this, and to make them work for it, rather than
have this too-easy pipe thing. Call it security by cluefulness!
Cheerio,
Andrew Stribblehill
Systems programmer, IT Service, University of Durham, England
More information about the openssh-unix-dev
mailing list