similar to: [Bug 69] Generalize SSH_ASKPASS

https://bugzilla.mindrot.org/show_bug.cgi?id=1550 Summary: Move from 3DES to AES-256 for private key encryption Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Keywords: patch Severity: enhancement Priority: P2 Component: ssh-keygen AssignedTo:

Hi all, I have a script which calls ssh-add at a certain point, and I'm getting the following error: ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory I don't see why it's doing this, since SSH_ASKPASS isn't set, and there should be a working terminal: SSH_ASKPASS If ssh needs a passphrase, it will read the passphrase from the

Hi everybody, I have asked a question a long time ago regarding SSH_ASKPASS, but with the latest version of OpenSSH I am not able to get the desired result. My goal is to launch a script on a remote server via SSH without having to type a password, because it is locally executed from a script. This should not be too complicated, but somehow I am not able to figure this out myself. I have

Hello, OpenSSH Developers! I'm not a member of the OpenSSH development team or a member of this mailing list. I have a small change to propose for OpenSSH and since the mailing list page at openssh.com indicated the general discussion list is for support, I thought this list would be a better place to discuss this. Please forgive me if I've committed a faux pas. I propose that the

Anyone out there in Portland. I''ll be in town this weekend, and was looking for advice from Rubyists on things to do. Thanks, Jake

The included patch adds a new option to the ssh client: -d fd Read the password from file descriptor fd. If you use 0 for fd, the passphrase will be read from stdin. This is basically the same as GPG:s parameter --passphrase-fd. Flames about why this is a bad idea goes into /dev/null. I really need to do this. There are lots of ugly Expect-hacks out there, but I want a more clean

https://bugzilla.mindrot.org/show_bug.cgi?id=3572 Bug ID: 3572 Summary: ssh-agent refused operation when using FIDO2 with -O verify-required Product: Portable OpenSSH Version: 9.3p1 Hardware: Other OS: Linux Status: NEW Severity: minor Priority: P5 Component:

The patch below fixes a compile-time warning in readpass.c. MIME-Version: 1.0 Content-Type: application/aegis-patch Subject: openssh.2 - Fix warning in readpass.c Content-Name: openssh.2.C010.patch Content-Disposition: attachment; filename=openssh.2.C010.patch X-Aegis-Project-Name: openssh.2 X-Aegis-Change-Number: 10 # # Fix the following warning in readpass.c: # # readpass.c: In function

On Mon, Jul 20, 2020 at 09:27:16AM +1000, Damien Miller wrote: > On Sun, 19 Jul 2020, Domenico Andreoli wrote: > > > On Mon, Jul 13, 2020 at 01:34:37PM +1000, Damien Miller wrote: > > > On Fri, 10 Jul 2020, Frank Sharkey wrote: > > > > > > > I set up the YubiKey with OpenSSH 8.2 (Ubuntu client and server) and it > > > > works. However, it

Hi, I had developed a program which spawns a shell where i am trying to use ssh commands to log into a linux server. There is a pop up dialog window which is prompting me for key-ing the password. Actually i want to get rid of this pop up dialog box, as i don't want this to be visible in my program/code execution. Could you please let me know is there any way to resolve and stop this

Hi all. Some background: I'm using my own wrapper script for ssh that deals with multitude of IP addresses, user accounts, keys and other ssh parameters for bunch of managed hosts. On X session start i (actually, my script) load all my private keys with 'ssh-add -c', to get confirmation on every key usage. This works bad with autossh, so i would like to add some logic: if I specify

There is an amusing bug in ssh-add that causes it to go into an infinite loop. I am using openssh 1.2.3, and noticed that when I ran "ssh-add < /dev/null" in my X startup scripts, but didn't have ssh-askpass installed, ssh-add started spewing errors into my .xsession-errors and didn't stop. I found that what happens is: ssh-add forks and attempts to exec ssh-askpass. The

http://bugzilla.mindrot.org/show_bug.cgi?id=496 ------- Additional Comments From markus at openbsd.org 2003-02-19 01:15 ------- that's not too hard with the current code, and you could use the 'passwd' lock feature for something similar: specify timeout x and enter passwd on agent startup. after x seconds of activity the agent will 'autolock'. use ssh-add -X to unlock

http://bugzilla.mindrot.org/show_bug.cgi?id=872 Summary: SSH client fails for non-root users with "Host key verification failed" Product: Portable OpenSSH Version: 3.8.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: ssh

Is there a particular reason the client can't use SSH_ASKPASS for passwords when using password authentication? This would seem to be useful when using ssh in scripted commands against servers that only allow password authentication. :j -- J?rgen Botz | While differing widely in the various jurgen at botz.org | little bits we know, in our infinite

I've been giving SSH_ASKPASS a hard look, and it's not clear to me how it's supposed to work. The documentation (ssh.1) seems explicit enough: SSH_ASKPASS If ssh needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If ssh does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute

Hi, I'm looking at integrating sftp into a larger project. It would be nice if there was a way to force read_passphrase() (in readpass.c) to use SSH_ASKPASS regardless of the properties of the terminal. This would be easy enough to do, an environment variable or a new flag definition would achieve this (I'm using an environment variable for convenience at the moment). Would anyone

Dear list, I have set up SSH with the SSH_ASKPASS and DISPLAY variable set. Everything works perfectly. When ssh is used without a tty, the askpass program is executed, providing the password. But when I change the location of the askpass program, so it contains a space in the absolute path name (for example "c:\My Documents\askpass") the askpass program cannot be found. I get a

Hello, I have the following problem. I have an application which is running and which has already request a passphrase to the user. This application needs to launch ssh agent and ssh add, but I do not want to be prompt again for the passphrase. My private key is of course encrypted with the passphrase. How can I do ? My only idea for the moment is to change the variable value of ask_passphrase

I would like to use ssh-add to unlock a key with a password provided through a web interface. It seems even though ssh-add calls read_passphrase with RP_ALLOW_STDIN at ssh-add.c:173, stdin is not used as a last resort without a valid terminal or display. Is it an intended behaviour ? And if so, what are the security implications of using popen() to write the password to ssh-add (not using echo