[BUG] Password handling when real ssh is available

Matthew D. Fuller fullermd at over-yonder.net
Wed Nov 30 17:35:10 GMT 2005


On Wed, Nov 30, 2005 at 10:43:00AM -0600 I heard the voice of
John A Meinel, and lo! it spake thus:
> 
> We have no way of grabbing the password prompt, and overriding it.
> I'm sure other programs have ways of handling this, since I've seen
> a GTK box popup asking me for my ssh password. I saw the SSH_ASKPASS
> environment variable, but I'm not sure how we could override this
> for bzr's purposes.

According to the manpage (seemingly confirmed by a quick check I just
made of the source), SSH_ASKPASS only matters if you don't have a tty,
which we do in this case.


> I don't know of any way to fix that, maybe we could override TTY).

Unfortunately (well, fortunately, if your goal is security ;) openssh
grabs the tty by opening /dev/tty, not by trusting env variables.  So
that's kinda out...


> Any suggestions? Right now we just have the workarounds that
> normally it will run in the same terminal as bzr is running, so the
> prompt just shows up. And normally people want the real ssh because
> they already have host keys, and specialized .ssh/config settings.

Well, if it's running through some kind of non-terminal, there's the
SSH_ASKPASS option.  There IS support for using stdin/stdout if it
fails to open the tty directly, IF a set of flags are set.  It's kinda
twisted tracking down how things are called, but I don't think there's
any way to get those flags set short of hacking the source.  I ended
up going through this code looking for something similar a couple
years back, and I'm still recovering.  (see the scars?)


For the record, if somebody else wants to try and unwind it, it seems
like things go through the function read_passphrase(), in readpass.c,
which ends up calling readpassphrase() (without the underscore) which
is in openbsd-compat/readpassphrase.c.  I'm pretty sure all the routes
to this end up without the necessary flag being set, though.  These
files/paths are from the copy in the FreeBSD src tree, which I believe
is based on openssh (as opposed to openssh-portable).


-- 
Matthew Fuller     (MF4839)   |  fullermd at over-yonder.net
Systems/Network Administrator |  http://www.over-yonder.net/~fullermd/
           On the Internet, nobody can hear you scream.
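Added here as an illustration, not code from OpenSSH or from the original message: a small C program showing the pattern the thread describes, where the prompt opens /dev/tty directly and only falls back to stdin when the caller explicitly allows it, with no environment variable consulted at any point. The flag names (PP_ALLOW_STDIN, PP_REQUIRE_TTY) and function names are constructed for this example; OpenSSH's own readpass.c / readpassphrase.c use their own names and have more cases than this.

```c
/*
 * Constructed demo of the "open /dev/tty first" prompt pattern.
 * Not OpenSSH code; flag and function names are made up for this example.
 */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <termios.h>
#include <unistd.h>

#define PP_ALLOW_STDIN  0x01   /* fall back to stdin if /dev/tty cannot be opened */
#define PP_REQUIRE_TTY  0x02   /* never fall back: fail when there is no tty */

/* Pick where the passphrase is read from.  The controlling terminal is
 * tried first, by opening /dev/tty; redirecting fd 0/1/2 or setting
 * environment variables does not change this.  Returns -1 (errno from
 * open() preserved) when no acceptable source exists. */
int open_prompt_source(int flags)
{
    int fd = open("/dev/tty", O_RDWR | O_NOCTTY);
    if (fd >= 0)
        return fd;
    if ((flags & PP_REQUIRE_TTY) || !(flags & PP_ALLOW_STDIN))
        return -1;
    return STDIN_FILENO;
}

/* Read one line from fd into buf, disabling echo while reading if fd is a
 * terminal.  Returns the length without the newline, or -1 on EOF/error
 * with nothing read. */
ssize_t read_secret_line(int fd, char *buf, size_t bufsz)
{
    struct termios saved, quiet;
    int have_tty = (tcgetattr(fd, &saved) == 0);   /* ENOTTY on a pipe */
    if (have_tty) {
        quiet = saved;
        quiet.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL);
        tcsetattr(fd, TCSAFLUSH, &quiet);
    }
    size_t n = 0;
    ssize_t r = 0;
    char c;
    while (n + 1 < bufsz && (r = read(fd, &c, 1)) == 1) {
        if (c == '\n' || c == '\r')
            break;
        buf[n++] = c;
    }
    buf[n] = '\0';
    if (have_tty) {
        tcsetattr(fd, TCSAFLUSH, &saved);
        (void)write(fd, "\n", 1);   /* echo was off, so the newline was swallowed */
    }
    if (n == 0 && r <= 0)
        return -1;
    return (ssize_t)n;
}

/* Prompt and read.  The prompt goes to the terminal when we have one, so a
 * parent that only captured stdin/stdout never sees it. */
ssize_t read_passphrase_demo(const char *prompt, char *buf, size_t bufsz, int flags)
{
    int fd = open_prompt_source(flags);
    if (fd < 0)
        return -1;
    if (fd != STDIN_FILENO)
        (void)write(fd, prompt, strlen(prompt));
    else
        fputs(prompt, stderr);
    ssize_t n = read_secret_line(fd, buf, bufsz);
    if (fd != STDIN_FILENO)
        close(fd);
    return n;
}

int main(void)
{
    char pw[128];
    /* With PP_REQUIRE_TTY this behaves like the case the post describes:
     * no controlling terminal means no prompt at all. */
    ssize_t n = read_passphrase_demo("Passphrase: ", pw, sizeof pw, PP_REQUIRE_TTY);
    if (n < 0) {
        fprintf(stderr, "no controlling tty and no fallback allowed (%s)\n",
                strerror(errno));
        return 1;
    }
    printf("read %zd characters\n", n);
    memset(pw, 0, sizeof pw);   /* scrub the secret before exit */
    return 0;
}
```

Running it under a terminal prompts on that terminal even when stdin is a pipe; running it with no controlling tty (for example under setsid) fails outright, which is exactly the situation bzr finds itself in when it wants to intercept the prompt of a real ssh.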