SSH Command Line Password Support

Alan Barrett apb at cequrux.com
Thu Aug 28 18:38:20 EST 2008


On Thu, 28 Aug 2008, Damien Miller wrote:
> [old SSH_ASKPASS proposals:]
> >  http://marc.info/?l=openssh-unix-dev&m=116921620227593&w=2
> >  https://bugzilla.mindrot.org/show_bug.cgi?id=69
> 
> I think we should do something like this, but I remember having some
> issues with the user-interface.

I don't like having new environment variables like
WHEN_TO_USE_SSH_ASKPASS="always" or ALWAYS_USE_SSH_ASKPASS="yes" or
any other variations on this theme.  I'd prefer to see ssh simply use
SSH_ASKPASS all the time regardless of whether or not there's a DISPLAY
or a tty.  If the user wants conditional behaviour, they can set
SSH_ASKPASS to point to a script that does whatever tests they like when
it is invoked, or they can use a script to conditionally set SSH_ASKPASS
to different values before they invoke ssh.

Alternatively, you could put all the complex policy like "use
SSH_ASKPASS if foo and not bar" into the configuration file, and let
SSH_ASKPASS continue to be the only environment variable related to
this issue.  The main thing is that I want no more than one environment
variable for this.

--apb (Alan Barrett)


More information about the openssh-unix-dev mailing list