[Bug 69] Generalize SSH_ASKPASS

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Jan 8 19:13:24 AEDT 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=69

main.haarp at gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |main.haarp at gmail.com

--- Comment #17 from main.haarp at gmail.com ---
Created attachment 3347
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3347&action=edit
enable always: prefix in SSH_ASKPASS, updated patch for OpenSSH 8.0

Hello,

I also desire this feature. The reason is consistency. With
'AddKeysToAgent ask' in my ssh config, the following would happen when
connecting to a host for the first time:

1. ssh to host
2. ssh asks for passphrase for private key *on the terminal*
3. ssh asks whether to add they key to the agent *via ssh-askpass* -
and even fails if there's no askpass!

This is silly and inconsistent. Either use the terminal for both, or
askpass for both.

So I decided to go the ssh-askpass route (using a small wrapper script
to use pinentry, no need for another program when I already have
pinentry on my system)

I have updated the patch from attachment 1599 (comment 16) for OpenSSH
8.0. Find it attached. I did some short tests and it appears to work as
intended. Maybe it's useful to someone, and I would be happy to see
this patch upstreamed - this bug has been open since 2002 :)

Cheers!

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list