similar to: More Slack7 heartbreak.

I would like to use ssh-add to unlock a key with a password provided through a web interface. It seems even though ssh-add calls read_passphrase with RP_ALLOW_STDIN at ssh-add.c:173, stdin is not used as a last resort without a valid terminal or display. Is it an intended behaviour ? And if so, what are the security implications of using popen() to write the password to ssh-add (not using echo

Sorry; here's the message I sent with the Keychain Patch yesterday. I didn't realize that the list wouldn't extract the text parts of the message. Enjoy. Hey all, Here's the patch to let SSH store passwords in the Mac OS X Keychain. I don't know whether you guys want to include it or not with the distribution; some people have said that since Keychain is not an open

The patch below fixes a compile-time warning in readpass.c. MIME-Version: 1.0 Content-Type: application/aegis-patch Subject: openssh.2 - Fix warning in readpass.c Content-Name: openssh.2.C010.patch Content-Disposition: attachment; filename=openssh.2.C010.patch X-Aegis-Project-Name: openssh.2 X-Aegis-Change-Number: 10 # # Fix the following warning in readpass.c: # # readpass.c: In function

Hi, I'm looking at integrating sftp into a larger project. It would be nice if there was a way to force read_passphrase() (in readpass.c) to use SSH_ASKPASS regardless of the properties of the terminal. This would be easy enough to do, an environment variable or a new flag definition would achieve this (I'm using an environment variable for convenience at the moment). Would anyone

https://bugzilla.mindrot.org/show_bug.cgi?id=2539 Bug ID: 2539 Summary: Add missing sanity check for read_passphrase() in auth-pam.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: PAM support

Enclosed is a patch against 2.2.0p1 that teaches ssh (and therefore slogin and scp) how to invoke ssh-askpass to request a password, RSA/DSA key passphrase, or an skey challenge response. I've tested this on Linux (i386), for passwords and RSA/DSA key passphrases. I cannot easily test whether the Right Thing will happen for skey challenge responses; I would appreciate it if someone who uses

Damien, Here's a forwarded bug for you. Cheers, Phil. --[[message/rfc822]] Subject: Bug#52414: ssh-add uses ssh-askpass, but ssh doesn't Reply-To: David Huggins-Daines <dhd at plcom.on.ca>, 52414 at bugs.debian.org Resent-From: David Huggins-Daines <dhd at plcom.on.ca> Resent-To: debian-bugs-dist at lists.debian.org Resent-CC: Philip Hands <phil at hands.com>

Hi, I'm sorry if this has already come up on the list, I did a quick search of the archive and didn't notice it. I noticed IMHO strange behavior in read_passphrase: If readpassphrase returns NULL and sets errno to ENOTTY, then read_passphrase returns an empty passphrase to the caller instead of error, now what happens with password authentication is that if readpassphrase fails every

Some smartcard readers have keypad to enter the PIN securely (i.e. such that it cannot be intercepted by a rogue (ssh) binary. PKCS#11 allows for enforcing this in hardware. Below patch allows for SSH to make use of this; against head/master as of today. Dw. commit 7f0250a8ae6c639a19d4e1e24fc112d5e2e1249a Author: Dirk-Willem van Gulik <dirkx at webweaving.org> Date: Tue Mar 17

## Hi, ## I have a script that spawns a process on a remote virtuozzo(container based vm thing) machine then waits for it to complete. Its a bit hacked about but you should be able to get the idea. function spawntpcc { while ! ssh -v $vmhostnameprefix$1 <<EOF "$tpccrootdir"/tpcc-mysql/tpcc_start -h localhost -d tpcc -u root -w "$3" -c 8 -r "$warmuptime" -l

hi all i have problems configuring my cdrom-devices with winecfg. when i try to add it as d: with the mountpoint /media/cdrom0 and select to be a cdrom-device, click apply and restart winecfg it is shown as a disk-device. i also tried with different mountpoints and also the device /dev/hdd itselfs but it always ends in the same problem. Also the autoconfiguration thing does not work. It adds my

Remove sshkey_load_private(), as this function's role is similar to sshkey_load_private_type(). --- Dependency: This change depends over recently merged change in openbsd: https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0 Change log: v1->v2 - Remove declaration of sshkey_load_private() in authfile.h authfile.c | 38

http://bugzilla.mindrot.org/show_bug.cgi?id=234 Summary: OpenSSH does not compile on OpenBSD 3.1 Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: OpenBSD Status: NEW Severity: normal Priority: P1 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org

The included patch adds a new option to the ssh client: -d fd Read the password from file descriptor fd. If you use 0 for fd, the passphrase will be read from stdin. This is basically the same as GPG:s parameter --passphrase-fd. Flames about why this is a bad idea goes into /dev/null. I really need to do this. There are lots of ugly Expect-hacks out there, but I want a more clean

This showed up in RISKS and no one has mentioned it here yet, so.. OpenSSH contains lots of code like: char *password = read_passphrase(prompt, 0); [do stuff] memset(password, 0, strlen(password));

I've been giving SSH_ASKPASS a hard look, and it's not clear to me how it's supposed to work. The documentation (ssh.1) seems explicit enough: SSH_ASKPASS If ssh needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If ssh does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute

http://bugzilla.mindrot.org/show_bug.cgi?id=81 Summary: ssh cannot use ssh-askspass & passphrases as documented Product: Portable OpenSSH Version: 3.0.2p1 Platform: Sparc OS/Version: SunOS Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org

Greetings, I am trying to cross compile OpenSSH 4.7 for ppc with QNX Neutrino as my OS. I have a workstation with QNX on it (x86) and I have linked the utils used by autoconf to their ppc versions. I have been able to successfully build sshd/ssh. I copy the binaries built on the x86 to the ppc, and sshd works great. I can ssh from any machine to it, but when I try to ssh from the ppc machine to

I'm attaching a patch to allow ssh client to get a pin from the command line when using a smartcard. Most of it is from a patch by Danny De Cock <godot () ulyssis ! org>, but I've used the ssh read_passphrase function instead. Any errors are mine, I'm sure. This enables ssh -I 0 to use a pin-protected smartcard via opensc. Thanks, Kevin Stefanik -------------- next part

Hi, when trying to install openssh I get the following errors. Any idea of why? This is on a mac 10.4.10 system, and with the 4.7p1 version. Appreciate any tips. Thanks, Anil if test ! -z ""; then \ /usr/bin/perl ./fixprogs ssh_prng_cmds ; \ fi (cd openbsd-compat && make) make[1]: Nothing to be done for `all'. gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized