PasswordCommand option for ssh client?
Damien Miller
djm at mindrot.org
Thu Jun 24 12:57:56 AEST 2021
On Tue, 22 Jun 2021, asymptosis wrote:
> Hey all,
>
> While I generally prefer keypair authentication, I am sometimes stuck with the
> need to access a variety of hosts which only permit password authentication.
> At the moment, I copy-paste my password from `pass`.
>
> I wondered if it could be doable to add a new option to ssh_config, analogous
> to the various XYZCommand options available for sshd_config?
>
> (Hopefully I'm not overlooking something: I'm on 8.6p1 here, and I don't see
> anything in `man ssh` or `man ssh_config` which matches what I am looking
> for.)
>
> For my ~/.ssh/config, I'm imagining a stanza like so:
>
> Host A.B.C.D
> PasswordCommand pass show A.B.C.D
>
> So long as I have gpg-agent running, I would then be able to log into these
> hosts in a fairly seamless way. It would also help with keeping track of which
> password is relevant to which hosts.
btw, it's probably possible to abuse SSH_ASKPASS_PROMPT=require to
do this.
-d
More information about the openssh-unix-dev
mailing list