similar to: "doveadm auth user" requiring a tty

On 6/1/20 5:31 AM, Richard W.M. Jones wrote: > This command fails with an incorrect error message: > > $ nbdkit ssh host=localhost /nosuchfile password=- --run 'qemu-img info $nbd' </dev/null > password: > nbdkit: error: could not read password from stdin: Inappropriate ioctl for device > > The error (ENOTTY Inappropriate ioctl for device) is actually a

Enclosed is a patch against 2.2.0p1 that teaches ssh (and therefore slogin and scp) how to invoke ssh-askpass to request a password, RSA/DSA key passphrase, or an skey challenge response. I've tested this on Linux (i386), for passwords and RSA/DSA key passphrases. I cannot easily test whether the Right Thing will happen for skey challenge responses; I would appreciate it if someone who uses

I am trying to conduct a full sftp session using the proc_open() function of PHP: http://www.php.net/manual/en/function.proc-open.php Once I get past the authentication stage, everything works fine: the script is able to write to sftp's stdin and capture its stdout. However, during the auth stage, these are apparently bypassed somehow, and IO takes place directly with the terminal. That is,

I'm not getting the error email you mention, but I have noticed it silently dropping replies (including my own on occasion). I haven't spotted anything the missing replies have in common. The web interface did just pop up with this though: Unhandled Exception ("Exception") Failed to proc_open(): proc_open(): fork failed - Cannot allocate memory > -----Original

> Dropping replies from the web interface or the mail interface? > Also: does "dropping replies" mean that an email reply doesn't show up in the phab interface? > (that's currently "working as intended", until we find enough time to write a parser for inline > comment replies in mails) I mean that email replies don't always appear in the web interface.

On 11/12/2013 17:01, Manuel Klimek wrote: > On Wed, Dec 11, 2013 at 5:52 PM, Daniel Sanders > <Daniel.Sanders at imgtec.com <mailto:Daniel.Sanders at imgtec.com>> wrote: > > I'm not getting the error email you mention, but I have noticed it > silently dropping replies (including my own on occasion). I > haven't spotted anything the missing replies

On Wed, Dec 11, 2013 at 5:52 PM, Daniel Sanders <Daniel.Sanders at imgtec.com>wrote: > I'm not getting the error email you mention, but I have noticed it > silently dropping replies (including my own on occasion). I haven't spotted > anything the missing replies have in common. > Dropping replies from the web interface or the mail interface? Also: does "dropping

I would like to use ssh-add to unlock a key with a password provided through a web interface. It seems even though ssh-add calls read_passphrase with RP_ALLOW_STDIN at ssh-add.c:173, stdin is not used as a last resort without a valid terminal or display. Is it an intended behaviour ? And if so, what are the security implications of using popen() to write the password to ssh-add (not using echo

I've been giving SSH_ASKPASS a hard look, and it's not clear to me how it's supposed to work. The documentation (ssh.1) seems explicit enough: SSH_ASKPASS If ssh needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If ssh does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute

As shown in the previous patch, plugins may choose to use stdin or stdout during .config. But from .get_ready onwards, well-written plugins shouldn't be needing any further use of stdin/out. We already swapped stdin/out to /dev/null while daemonizing, but did not do do during -f or --run, which leads to some surprising inconsistency when trying to debug a plugin that works in the foreground

Hi All. Attached is a patch that converts pam_chauthtok_conv into a generic pam_tty_conv, which is used rather than null_conv for do_pam_session. This allows, for example, display of messages from PAM session modules. The accumulation of PAM messages into loginmsg won't help until there is a way to collect loginmsg from the monitor (see, eg, the patches for bug #463). This is because the

I am working on rsync tool. As rsync sends data over SSH in non-daemon mode, it forks the SSH process in pipe.c function. For the communication between the parent rsync and child SSH, it uses the socket pairs. As socket pairs are bidirectional, only one pair can be used for communication between the parent and child. e.g. socketpair(xx,xx,xx,xx) returns -> to_child_pipe[2]={3,4} then these

As shown in the previous patch, plugins may choose to use stdin or stdout during .config. But from .get_ready onwards, well-written plugins shouldn't be needing any further use of stdin/out. We already swapped stdin/out to /dev/null while daemonizing, but did not do do during -f or --run, which leads to some surprising inconsistency when trying to debug a plugin that works in the foreground

Please Cc: me on the reply as I am not on the list. >From the ssh(1) man page: -t Force pseudo-tty allocation. This can be used to execute arbi trary screen-based programs on a remote machine, which can be very useful, e.g., when implementing menu services. This is similiar to what I am trying to do, use "-t" flag to ssh from my application,

Hi, I fell on this using openssh on cygwin. Though it may be a cygwin related issue, I think it's may be a bug on the main openssh tree. Thus my posting here. I'm CC'ing to the public list for information. The part of code I'm refering to is : /* XXX might close listen socket */ (void)dup2(fd, STDIN_FILENO); (void)dup2(fd, STDOUT_FILENO);

On Wed, Dec 02, 2015 at 02:00:57PM +0100, Pino Toscano wrote: > - add a flag to request chroot for the process, which is done only as > very last (before chdir) operation before exec'ing the process in the > child: this avoids using CHROOT_IN & CHROOT_OUT around command* > invocations, and reduces the code spent in chroot mode > - add failure checks for dup2 and open

https://www.redhat.com/archives/libguestfs/2019-August/thread.html#00347 Thanks: Eric Blake and Daniel P. Berrangé --- common/utils/utils.h | 1 + server/connections.c | 4 ++-- server/crypto.c | 5 +++-- server/main.c | 23 +++++++++++++++++++++++ common/utils/utils.c | 29 +++++++++++++++++++++++++++++ 5 files changed, 58 insertions(+), 4 deletions(-) diff --git

At least it appears that way on my FreeBSD 8.1 system. This is probably unnoticeable in regular use but I happen to use CFengine(v2) for system configuration & monitoring. If it notices dovecot not running it tries to start it and hangs. I believe cfengine (cfagent) has created a pipe to monitor the start commmand's stderr and is waiting for this pipe to close. This never happens

I've been using ssh without it duping stdout and stderr, and had no problems.? I think this change should be made to the master source. WHAT IS THE PROBLEM WITH SSH RIGHT NOW? It duplicates FILENO_STDOUT and FILENO_STDERR, thus there are two descriptors for each of these files.? When the remote program closes its stdout or stderr, the remote sshd sends the appropriate message to the local

http://bugzilla.mindrot.org/show_bug.cgi?id=829 Summary: Don't allocate a tty if -n option is set Product: Portable OpenSSH Version: 3.8p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy: