[BUG] Password handling when real ssh is available
John A Meinel
john at arbash-meinel.com
Wed Nov 30 16:43:00 GMT 2005
I just committed a bunch of changes to the sftp code, which I'm going to
merge into my integration branch.
I refactored the getpass() functionality into the UIFactory code, and in
the process I realized that we have a small problem when using the
native ssh.
We have no way of grabbing the password prompt, and overriding it. I'm
sure other programs have ways of handling this, since I've seen a GTK
box popup asking me for my ssh password. I saw the SSH_ASKPASS
environment variable, but I'm not sure how we could override this for
bzr's purposes. (A custom program which runs, and knows how to talk back
to bzr? Perhaps one of the arguments in SSH_ASKPASS would be a named
pipe to write the results to.)
There are two problems that I know of.
First, a sftp://user:password@host won't pass the password to ssh, so
the user will have to type their password anyway.
Second, if we ever implement some other front-end which is not
terminal based, the password prompt will not be handled correctly. (For
example, with my "bzr service" plugin, it will ask the user for a
password in the original terminal, not the local terminal, and I don't
know of any way to fix that, maybe we could override TTY).
Any suggestions? Right now we just have the workarounds that normally it
will run in the same terminal as bzr is running, so the prompt just
shows up. And normally people want the real ssh because they already
have host keys, and specialized .ssh/config settings.
John
=:->
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20051130/bbcaaa3c/attachment.pgp
More information about the bazaar
mailing list