Feature request

Martin Kluge martin at elxsi.de
Mon Mar 15 05:23:54 EST 2004


Hi,

On Sun, Mar 14, 2004 at 06:48:35PM +0100, Peter Stuge wrote:
> On Sun, Mar 14, 2004 at 05:55:13PM +0100, Martin Kluge wrote:
> > So would you accept a patch to add a new command line option
> > (suggestion: -d) to specify a password directly on the command line?
> 
> This has been requested before but declined because it promotes insecure
> behavior. (Your system may be isolated, but all aren't and it's usually
> possible to see any arguments of all processes in the system.)

Well, of course.

But: This feature can be enabled (disabled per default) at compile time, so
     I think, everyone who enables this feature knows what he's doing.

> 
> I seem to remember discussion about accepting the password on a file
> descriptor however. Search the mailing list and bugzilla.mindrot.org.

This would be a possibility too, I'll have a look at it.


Thank you,
Martin

> 
> 
> //Peter

-- 
Name      : Martin Kluge
email     : martin at elxsi.info
Phone     : +49 160 1515182
Projects  : http://www.aa-security.de
GPG Key   : http://www.elxsi.de/key.pub

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20040314/deb1c289/attachment.bin 


More information about the openssh-unix-dev mailing list