gui wrapper for ssh -X

David Woodhouse dwmw2 at
Sat Mar 8 05:44:17 EST 2003

On Fri, 2003-03-07 at 17:12, Jim Knoble wrote:
> Circa 2003-03-07 14:39:11 +0000 dixit David Woodhouse:
> It's *really* not hard:
>   env SSH_ASKPASS=/usr/local/libexec/x11-ssh-askpass \
>   ssh -X user at machine 'command' </dev/null >/dev/null 2>&1

Did you try this? On Linux, even with everything redirected to
/dev/null, I need to detach from the controlling TTY in order to prevent
it from _opening_ /dev/tty and trying to use that. 

>From my patches to make Evolution handle getting to its IMAP server over
ssh instead of making a direct connection...

+	/* Detach from the controlling tty if we have one. Otherwise, 
+	   SSH might do something stupid like trying to use it instead 
+	   of running $SSH_ASKPASS. Doh. */
+	fd = open("/dev/tty", O_RDONLY);
+	if (fd != -1) {
+		ioctl(fd, TIOCNOTTY, NULL);
+		close(fd);
+	}
+#endif /* TIOCNOTTY */

You also need to export a fake 'DISPLAY' environment variable, even if
you're not actually running under X and don't want your askpass program
to use X.

Both of these bit me when implementing 'opie-ssh-askpass' for the
Qt/Embedded PDA stuff. I looked at adding an 'AskPassCommand'
configuration option to the ssh client, but readpass.c is used in other
programs too, and I couldn't really see a clean way to do it.

Note that if you want caching, you'll probably want your askpass program
not to bring up a dialog box of its own but to connect somehow to the
master program which invoked ssh in the first place, and query that for
the password. Do consider using ssh-agent instead though. 


More information about the openssh-unix-dev mailing list