ssh-add with stdin and read_passphrase
Peter Stuge
peter at stuge.se
Tue Jan 18 20:35:23 EST 2011
Jean-Yves FAYE wrote:
> I would like to use ssh-add to unlock a key with a password provided
> through a web interface.
>
> It seems even though ssh-add calls read_passphrase with RP_ALLOW_STDIN
> at ssh-add.c:173, stdin is not used as a last resort without a valid
> terminal or display. Is it an intended behaviour? And if so, what are
> the security implications of using popen() to write the password to
> ssh-add (not using echo password|ssh-add of course).
>
>
> I used this patch, which solves the issue:
Maybe you could provide an SSH_ASKPASS instead, and avoid patching.
//Peter
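
One way to follow the SSH_ASKPASS suggestion above without patching ssh-add, as an added example that is not code from this thread or from OpenSSH. The function names, the temporary-directory layout and the use of util-linux `setsid -w` are assumptions; the passphrase is expected on the caller's stdin and an agent must be reachable through SSH_AUTH_SOCK.

```shell
#!/bin/sh
# Added example; function names and file layout are assumptions.

# make_askpass DIR
# Reads one passphrase line from stdin, stores it in DIR/pass (0600) and
# writes a one-shot helper DIR/askpass (0700). Prints the helper's path.
make_askpass() {
    dir=$1
    old_umask=$(umask)
    umask 077
    IFS= read -r pass || [ -n "$pass" ] || { umask "$old_umask"; return 1; }
    printf '%s\n' "$pass" > "$dir/pass"   # printf is a builtin: nothing in argv
    unset pass
    cat > "$dir/askpass" <<'EOF'
#!/bin/sh
# Called by ssh-add with the prompt text as $1 (unused).
f=$(dirname "$0")/pass
# ssh-add asks again after a bad passphrase; failing on the second call
# makes it give up instead of looping on the same wrong answer.
[ -f "$f" ] || exit 1
cat "$f" && rm -f "$f"
EOF
    chmod 700 "$dir/askpass"
    umask "$old_umask"
    printf '%s\n' "$dir/askpass"
}

# unlock_key KEYFILE
# Passphrase on stdin (for example a pipe from the web backend); the key is
# added to the agent named by SSH_AUTH_SOCK.
unlock_key() {
    key=$1
    tmp=$(mktemp -d) || return 1
    helper=$(make_askpass "$tmp") || { rm -rf "$tmp"; return 1; }
    # ssh-add runs SSH_ASKPASS only with DISPLAY set and no terminal:
    # setsid drops the controlling tty, stdin is /dev/null, DISPLAY is a dummy.
    # SSH_ASKPASS_REQUIRE=force (OpenSSH 8.4+) is ignored by older versions.
    DISPLAY=${DISPLAY:-none} SSH_ASKPASS=$helper SSH_ASKPASS_REQUIRE=force \
        setsid -w ssh-add "$key" </dev/null
    rc=$?
    rm -rf "$tmp"
    return $rc
}
```

Called as `unlock_key ~/.ssh/id_rsa` with the passphrase piped in, the passphrase never appears on a command line, and the temporary directory is removed whether or not the key was accepted.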
More information about the openssh-unix-dev
mailing list