SSH_ASKPASS behavior change proposal

Iain Morgan imorgan at
Sat Jan 20 06:56:44 EST 2007

Sometime ago, Lance E Sloan wrote:
> Mr. Morgan, thank you very much for the response.
> Yes, I think I see how that could help.  I could start up an ssh 
> control master in another window that connects to the CVS/SVN 
> repository before I start a client.

It doesn't have to be in a separate window. You can use -fN to have ssh
prompt for the password and then background itself.

> I have a question about the "ask" setting for ControlMaster.  The 
> manpage says:
> Setting this to ``ask'' will cause ssh to listen for control 
> connections, but require confirmation using the SSH_ASKPASS program 
> before they are accepted (see ssh-add(1) for details).
> I tried this, and ssh did indeed invoke my SSH_ASKPASS, but I wasn't 
> sure what the correct response was.  I tried my password for the remote 
> host and password for my local host.  Neither worked.  Then I noticed 
> that it was prompting "Allow shared connection to [hostname_here]?", so 
> I tried answering "y" and "yes", but neither of those worked, either.
> What kind of answer is it expecting?

In this context, no password is required. Simply select either 'OK' or

> Quoting Iain Morgan <imorgan at> (Fri 19 Jan 2007 12:08:49 PM EST):
> > You could address the CVS/SVN issue using session multiplexing. See
> > the entries for ControlMaster and ControlPath in the ssh(1) man page.
> >
> > Sometime ago, Lance E Sloan wrote:
> >> I propose that the ssh command-line client be changed so that it will
> >> use whatever program is specified in the SSH_ASKPASS environment
> >> variable regardless of whether ssh has a terminal associated with it
> >> or not.
> -- 
> Lance E Sloan, Application Developer
> Evil is my middle name.  Some people think it's Eugene, though.
> U-M ITCS ITCom Information Systems

Iain Morgan

More information about the openssh-unix-dev mailing list