similar to: Password from open filedescriptor

Moin, attached is a patch, which adds a new configuration option "PreferAskpass" to the ssh config. ssh{,-add,-keygen,-agent} will use ssh-askpass to prompt for passwords, if this option is set to "yes", and if ssh-askpass is available. Default for "PreferAskpass" is "no". Pacth is against current CVS. Sebastian -- signature intentionally left blank.

The patch below fixes a compile-time warning in readpass.c. MIME-Version: 1.0 Content-Type: application/aegis-patch Subject: openssh.2 - Fix warning in readpass.c Content-Name: openssh.2.C010.patch Content-Disposition: attachment; filename=openssh.2.C010.patch X-Aegis-Project-Name: openssh.2 X-Aegis-Change-Number: 10 # # Fix the following warning in readpass.c: # # readpass.c: In function

Enclosed is a patch against 2.2.0p1 that teaches ssh (and therefore slogin and scp) how to invoke ssh-askpass to request a password, RSA/DSA key passphrase, or an skey challenge response. I've tested this on Linux (i386), for passwords and RSA/DSA key passphrases. I cannot easily test whether the Right Thing will happen for skey challenge responses; I would appreciate it if someone who uses

For those following the portable CVS tree.. I'd suggest holding off for a day or so unless you really want to get dirty. I just commited 32 patches from the OpenBSD tree, but have not worked out all the issues (due to Linux brain damage <sigh..Faster OpenBSD gets SMP..the happer I'll be>). The two things that need to be finished integrated in the configure.in is KRB5 and

I would like to use ssh-add to unlock a key with a password provided through a web interface. It seems even though ssh-add calls read_passphrase with RP_ALLOW_STDIN at ssh-add.c:173, stdin is not used as a last resort without a valid terminal or display. Is it an intended behaviour ? And if so, what are the security implications of using popen() to write the password to ssh-add (not using echo

Damien, Here's a forwarded bug for you. Cheers, Phil. --[[message/rfc822]] Subject: Bug#52414: ssh-add uses ssh-askpass, but ssh doesn't Reply-To: David Huggins-Daines <dhd at plcom.on.ca>, 52414 at bugs.debian.org Resent-From: David Huggins-Daines <dhd at plcom.on.ca> Resent-To: debian-bugs-dist at lists.debian.org Resent-CC: Philip Hands <phil at hands.com>

Here is a little patch against 2.9p1 that performs the SNK (also known as TIS authserv) challenge-response automaticly instead of asking the user. hope you find it useful. --larry -------------- next part -------------- diff -NuBw openssh-2.9p1/Makefile.in openssh/Makefile.in --- openssh-2.9p1/Makefile.in Thu Apr 26 20:31:08 2001 +++ openssh/Makefile.in Wed Jun 6 16:15:56 2001 @@ -43,9 +43,9

Here is a version of this widely used patch specific for OpenSSH 3.1p1, as it is still not in the main tree (perhap one day...) The patch avoids spending too much time when doing an ssh()/scp() on a down host, as it does not depend off the default TCP timeout used by connect(). Patch was tested on Linux, Solaris and HP-UX. The patch can also be found on:

My keys are secured with a passphrase. That's good for security, but having to type the passphrase either at every login or at every invocation of ssh(1) is annoying. I know I could invoke ssh-add(1) just before invoking ssh(1), if I keep track of whether I invoked it already, or write some hacky scripts; but the rest of OpenSSH is wonderfully usable without any hacks. Hence, this patch.

http://bugzilla.mindrot.org/show_bug.cgi?id=69 astrand at lysator.liu.se changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |astrand at lysator.liu.se ------- Additional Comments From astrand at lysator.liu.se 2003-03-26 21:10 ------- >hmmm, alternately

Hello, OpenSSH Developers! I'm not a member of the OpenSSH development team or a member of this mailing list. I have a small change to propose for OpenSSH and since the mailing list page at openssh.com indicated the general discussion list is for support, I thought this list would be a better place to discuss this. Please forgive me if I've committed a faux pas. I propose that the

Hi, I'm looking at integrating sftp into a larger project. It would be nice if there was a way to force read_passphrase() (in readpass.c) to use SSH_ASKPASS regardless of the properties of the terminal. This would be easy enough to do, an environment variable or a new flag definition would achieve this (I'm using an environment variable for convenience at the moment). Would anyone

https://bugzilla.mindrot.org/show_bug.cgi?id=3571 Bug ID: 3571 Summary: Canceling SSH_ASKPASS actually sends an empty string Product: Portable OpenSSH Version: 8.8p1 Hardware: Other OS: Linux Status: NEW Severity: major Priority: P5 Component: ssh Assignee: unassigned-bugs at

I've been giving SSH_ASKPASS a hard look, and it's not clear to me how it's supposed to work. The documentation (ssh.1) seems explicit enough: SSH_ASKPASS If ssh needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If ssh does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute

To make readpass.c work on first try with gnome-askpass on RHL 7.1: wget http://bass.directhit.com/openssh_snap/openssh-SNAP-20011023.tar.gz tar xfz openssh-SNAP-20011023.tar.gz cd openssh ./configure --with-pam --enable-gnome-askpass --with-tcp-wrappers mv readpass.c readpass.c1 new readpass.c according to patch I received from djm 5-13-01: --------------------- cut here

Attached is a patch which adds a ConnectionTimeout option, and corrects the ConnectionAttempts documentation. Previously, ssh would try to make a connection ConnectionAttempts times, sleeping 1 second between tries. But each connection attempt could take a very long time to fail if the packets die before the get to the host. So if ssh is being run in a script or what-have-you, it might be

Hi, There is small bug in ssh_askpass(). Fix like this. Additionally removing '\r' is for Win32 environment. --- readpass.c 2001/10/09 05:42:49 1.1.1.1 +++ readpass.c 2001/10/09 08:06:38 @@ -45,7 +45,7 @@ { pid_t pid; size_t len; - char *nl, *pass; + char *pass; int p[2], status; char buf[1024]; @@ -71,16 +71,15 @@ fatal("ssh_askpass: exec(%s): %s", askpass,

Being rather aggrevated when testing at the enforced 1 second delay between each connection attempt and the useless 1 second delay done after all connection attempts have failed I wrote a patch to make the number of seconds delayed between each connection attempt configurable. Stephen -------------- next part -------------- diff -u --recursive openssh-2.3.0p1/ChangeLog

Here are the new versions of this widely used patch for OpenSSH 3.2.2p1 and 3.2.3p1. The patch avoids waiting to long when using ssh() or scp() on a down host, it is usefull when you have to update many hosts via rsync or rdist themselves relying upon ssh(). It enables a new option 'ConnectTimeout' to control exactly the timeout value, so that it can be used even on slow links. These

Requests first: after a build, "make" always remakes all the .out files; maybe we could add a few dependencies there? And could we possibly have a few more '@if' lines in the Makefile to quiet it down? These should be obvious: --- #readpass.c Fri Apr 20 13:17:39 2001 +++ readpass.c Fri Apr 20 13:37:26 2001 @@ -43,7 +43,7 @@ #include "ssh.h" char *