SSH Command Line Password Support
Roumen Petrov
openssh at roumenpetrov.info
Fri Aug 29 04:37:20 EST 2008
Alan Barrett wrote:
> On Thu, 28 Aug 2008, Damien Miller wrote:
>> [old SSH_ASKPASS proposals:]
>>> http://marc.info/?l=openssh-unix-dev&m=116921620227593&w=2
>>> https://bugzilla.mindrot.org/show_bug.cgi?id=69
>> I think we should do something like this, but I remember having some
>> issues with the user-interface.
>
> I don't like having new environment variables like
> WHEN_TO_USE_SSH_ASKPASS="always" or ALWAYS_USE_SSH_ASKPASS="yes" or
> any other variations on this theme. I'd prefer to see ssh simply use
> SSH_ASKPASS all the time regardless of whether or not there's a DISPLAY
> or a tty. If the user wants conditional behaviour, they can set
> SSH_ASKPASS to point to a script that does whatever tests they like when
> it is invoked, or they can use a script to conditionally set SSH_ASKPASS
> to different values before they invoke ssh.
>
> Alternatively, you could put all the complex policy like "use
> SSH_ASKPASS if foo and not bar" into the configuration file, and let
> SSH_ASKPASS continue to be the only environment variable related to
> this issue. The main thing is that I want no more than one environment
> variable for this.
>
> --apb (Alan Barrett)
Sounds good if environment variable SSH_ASKPASS is emply or a value like
default, tty, internal, none to be used password prompt from ssh
otherwise client(ssh) to try to get password from specified program.
Roumen
--
Get X.509 certificates support in OpenSSH:
http://roumenpetrov.info/openssh/
More information about the openssh-unix-dev
mailing list