SSH_ASKPASS behavior change proposal
Lance E Sloan
lsloan at umich.edu
Wed Jan 31 02:10:39 EST 2007
Quoting David Woodhouse <dwmw2 at infradead.org> (Tue 30 Jan 2007 09:12:23
AM EST):
> On Thu, 2007-01-18 at 15:24 -0500, Lance E Sloan wrote:
>> I propose that the ssh command-line client be changed so that it will
>> use whatever program is specified in the SSH_ASKPASS environment
>> variable regardless of whether ssh has a terminal associated with it or
>> not. In order for this to work, SSH_ASKPASS would need to contain the
>> full path to a program that prompts for a password, DISPLAY would also
>> need to be set, and some additional environment variable would need to
>> be set to instruct ssh to ignore the no-tty requirement.
>
> I'd like this. I currently have a horrid wrapper which deliberately
> disassociates from the ctty before executing /usr/bin/ssh, and it would
> be much nicer if SSH could be asked to use $SSH_ASKPASS unconditionally
> instead.
I'm glad you like my suggestion. I suppose it's up to the OpenSSH
development team to decide if they want to implement it. If anybody is
interested, I can forward a patch to the OpenSSH source code that makes
it possible. It's very short and simple, but one would have to compile
ssh from source after applying the patch.
As it turns out, Iain Morgan replied to my proposal with the suggestion
that I try session multiplexing. I've tried that and I really like it
a lot. When I set up the multiplexing master session, I enter my
password and following that, all other sessions to the same host, port,
and username do not require authentication.
I've been able to run the multiplexing master session in the
background, but that makes it difficult for me to see if the connection
is still alive and working. (I might lose the connection if I take my
laptop elsewhere.) So I've settled on running the master session in a
terminal window of its own, in verbose mode. I wanted to find an
application (or Mac OS X Dashboard widget) that would let me create and
monitor these master sessions, but I haven't found any. Maybe I will
eventually find time to make a Dashboard widget of my own.
--
Lance E Sloan, Application Developer
Evil is my middle name. Some people think it's Eugene, though.
U-M ITCS ITCom Information Systems
http://www.itcom.itcs.umich.edu/
More information about the openssh-unix-dev
mailing list