comment on another command line option

Rachit Siamwalla rachit at ensim.com
Fri Jul 27 07:12:32 EST 2001


very dangerous.

ps auxww | grep ssh

will tell you why programs generally do not allow passwords to be put via
the commandline.

-rchit

-----Original Message-----
From: Dennis Gearon [mailto:gearond at oit.edu]
Sent: Thursday, July 26, 2001 11:40 AM
To: openssh-unix-dev at mindrot.org
Subject: comment on another command line option


I would like ssh to have the command line option of supplying the
passphrase.
This would make it possible to do attendant free scp transfers from PHP, for
example. As it is, it is impossible to use a web script to initiate an scp
xfer
if an encrypted private key is used.

I realize that stupid people could make shell scripts or web scripts then
with
the pass phrase in them, but those same stupid people are just as likely to
walk
out in front of cars. The preferred method is to supply the passphrase
through
an ssl connected web page/script for a one time use.

without the ability to do attendant free scp transfers using pass phrased
private keys, the only remote to remote transfers that can be initiated by a
web
script is via ssl, and that costs money for a certificate that most host's
will
accept.

schematic of intended usage.

Me with SSL browser<----->My company website<------->client website to be
                          with PHP CASE TOOL        edited with PHP
CASE                                                                 TOOL



More information about the openssh-unix-dev mailing list