Displaying 20 results from an estimated 7000 matches similar to: "Sending passphrase w/o keyboard interaction"
2004 Oct 19
2
launch ssh-add with a passphrase as parameter
Hello,
I have the following problem.
I have an application which is running and which has already request a
passphrase to the user.
This application needs to launch ssh agent and ssh add, but I do not want
to be prompt again for the passphrase.
My private key is of course encrypted with the passphrase.
How can I do ?
My only idea for the moment is to change the variable value of
ask_passphrase
2024 Jan 02
2
How to get "Enter passphrase" on command line rather than GUI pop-up?
On Tue, Jan 02, 2024 at 03:52:29PM +1100, Damien Miller wrote:
> On Mon, 1 Jan 2024, Christian Weisgerber wrote:
>
> > Chris Green:
> >
> > > Setting SSH_ASKPASS_REQUIRE=never in the environment on my xubuntu
> > > 23.10 system doesn't seem to work. I have set it:-
> > >
> > > chris$ env | grep SSH
> > >
2010 Jan 05
9
OpenSSH daemon security bug?
A co-worker argues we can login using only password to a "ssh-key restricted
host (PasswordAuthentication no)", without being asked by any passphase; just
by putting a key (no need to be the private key) on another password-based
host.
It that true? I do not think so. I would name that as an "important OpenSSH
daemon security bug". That is because I think it is not true.
2024 Jan 02
1
How to get "Enter passphrase" on command line rather than GUI pop-up?
>
> There must be *something* in the environment that affects this because
> I'm seeing two different ways of asking for the passphrase on the same
> screen. The only difference is that one is a simple terminal window
> running on my system and the other is one where I have used ssh to
> connect to a remote system and then ssh again back to the 'home'
> system.
2024 Jan 03
1
How to get "Enter passphrase" on command line rather than GUI pop-up?
On 2024/01/02 09:51, Chris Green wrote:
> I think I have it! I need to unset SSH_AUTH_SOCK, that's all that's
> needed. See:-
>
> chris$ ssh -i backup_id_rsa backup
> [here the pop-up appears and I cancel it]
> sign_and_send_pubkey: signing failed for RSA "backup_id_rsa" from
> agent: agent refused operation
> chris at backup's
2005 Jan 04
1
trying to debug ssh-askpass problem
Hi all,
I have a script which calls ssh-add at a certain point, and I'm
getting the following error:
ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory
I don't see why it's doing this, since SSH_ASKPASS isn't set, and
there should be a working terminal:
SSH_ASKPASS
If ssh needs a passphrase, it will read the passphrase from the
2002 Apr 22
9
Password from open filedescriptor
The included patch adds a new option to the ssh client:
-d fd Read the password from file descriptor fd. If you use 0 for fd,
the passphrase will be read from stdin.
This is basically the same as GPG:s parameter --passphrase-fd.
Flames about why this is a bad idea goes into /dev/null. I really need to
do this. There are lots of ugly Expect-hacks out there, but I want a more
clean
2001 Jan 18
2
ssh-add bug
There is an amusing bug in ssh-add that causes it to go into an
infinite loop. I am using openssh 1.2.3, and noticed that when I
ran "ssh-add < /dev/null" in my X startup scripts, but didn't have
ssh-askpass installed, ssh-add started spewing errors into my
.xsession-errors and didn't stop.
I found that what happens is: ssh-add forks and attempts to exec
ssh-askpass. The
2024 Jan 02
1
How to get "Enter passphrase" on command line rather than GUI pop-up?
On Mon, 1 Jan 2024, Christian Weisgerber wrote:
> Chris Green:
>
> > Setting SSH_ASKPASS_REQUIRE=never in the environment on my xubuntu
> > 23.10 system doesn't seem to work. I have set it:-
> >
> > chris$ env | grep SSH
> > SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
> > SSH_ASKPASS_REQUIRE=never
>
> What component is actually
2023 May 14
18
[Bug 3572] New: ssh-agent refused operation when using FIDO2 with -O verify-required
https://bugzilla.mindrot.org/show_bug.cgi?id=3572
Bug ID: 3572
Summary: ssh-agent refused operation when using FIDO2 with -O
verify-required
Product: Portable OpenSSH
Version: 9.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component:
2018 Sep 14
2
{DKIM Fail} Re: sftp fails when run from cron
On 09/13/2018 07:54 PM, Darren Tucker wrote:
> I'd guess that the reason it doesn't work is that the key is encrypted
> and neither the agent nor a tty to ask for the decryption passphrase
> is available. Try repeating your command line test after unsetting
> SSH_AUTH_SOCK
>
Okay. That reproduced the issue.
Is there a recommended way to provide the decryption
2020 Oct 06
2
Accessing SSH key path using SSH_ASKPASS and passwordstore
Hello,
With the introduction of SSH_ASKPASS_REQUIRE in version 8.4, I've set
up a script for SSH_ASKPASS to query my local passwordstore
(https://www.passwordstore.org/) vault to retrieve the password for a
given key. This works for ssh-add as well as ssh (configured with
AddKeysToAgent set to 'yes'). My workflow effectively transforms into
entering the password for the GPG key used
2010 Jan 12
2
[patch] Automatically add keys to agent
My keys are secured with a passphrase. That's good for security, but
having to type the passphrase either at every login or at every
invocation of ssh(1) is annoying.
I know I could invoke ssh-add(1) just before invoking ssh(1), if I keep
track of whether I invoked it already, or write some hacky scripts; but
the rest of OpenSSH is wonderfully usable without any hacks.
Hence, this patch.
2001 Jul 26
7
comment on another command line option
I would like ssh to have the command line option of supplying the passphrase.
This would make it possible to do attendant free scp transfers from PHP, for
example. As it is, it is impossible to use a web script to initiate an scp xfer
if an encrypted private key is used.
I realize that stupid people could make shell scripts or web scripts then with
the pass phrase in them, but those same stupid
2014 Sep 02
2
making the passphrase prompt more clear
I am going to preface this email by saying that I know very little
about OpenSSH internals, the protocol, etc.
I do a lot of work with novice programmers, and one step that comes up
relatively early is generating SSH keys. In case you haven't done it
in a while, the output looks like this:
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key
2002 Jan 25
2
[Bug 81] ssh cannot use ssh-askspass & passphrases as documented
http://bugzilla.mindrot.org/show_bug.cgi?id=81
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WORKSFORME
------- Additional Comments From djm at mindrot.org 2002-01-26 10:07
2005 Dec 20
2
[Bug 1138] Passphrase asked for (but ignored) if key file permissions too liberal.
http://bugzilla.mindrot.org/show_bug.cgi?id=1138
Summary: Passphrase asked for (but ignored) if key file
permissions too liberal.
Product: Portable OpenSSH
Version: 4.2p1
Platform: PPC
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P1
Component: ssh-add
AssignedTo:
2009 Dec 23
3
Question on SSH_ASKPASS
Hi everybody,
I have asked a question a long time ago regarding SSH_ASKPASS, but with the
latest version of OpenSSH I am not able to get the desired result.
My goal is to launch a script on a remote server via SSH without having to
type a password, because it is locally executed from a script. This should
not be too complicated, but somehow I am not able to figure this out myself.
I have
2003 May 12
1
ssh-agent asking for passphrase on non-keyed connections
I'm running into some odd behavior that I can't figure out that I'm
hoping someone can help me with. After years of SSH usage, I've
decided to exchange one laziness for another and use ssh-agent.
However I'm running into an odd instance where ssh is asking for the
passphrase to my key stored in ~/.ssh/id_dsa when attempting to connect
to a machine with nothing in
2001 Jan 07
1
[PATCH] Caching passphrase in ssh-add.
The patch below does two things.
1. If invoked with no arguments, attempt to add both RSA and DSA keys.
2. Remember the last successful passphrase and attempt to use it on
subsequent key files which are added.
Note that the latter part of the patch extends the period of time during
which the passphrase is held in clear text in the ssh-add process, but
doesn't introduce any _new_