comment on another command line option
Steve VanDevender
stevev at darkwing.uoregon.edu
Fri Jul 27 04:46:19 EST 2001
Dennis Gearon writes:
> I would like ssh to have the command line option of supplying the passphrase.
> This would make it possible to do attendant free scp transfers from PHP, for
> example. As it is, it is impossible to use a web script to initiate an scp xfer
> if an encrypted private key is used.
>
> I realize that stupid people could make shell scripts or web scripts then with
> the pass phrase in them, but those same stupid people are just as likely to walk
> out in front of cars. The preferred method is to supply the passphrase through
> an ssl connected web page/script for a one time use.
>
> without the ability to do attendant free scp transfers using pass phrased
> private keys, the only remote to remote transfers that can be initiated by a web
> script is via ssl, and that costs money for a certificate that most host's will
> accept.
Why not just set up ssh-agent and add your intended key with ssh-add?
Then you can do password-free logins with subsequent invocations of ssh
or scp.
That's probably not the only way you can get what you want with the
existing OpenSSH functionality.
More information about the openssh-unix-dev
mailing list