[BUG] Password handling when real ssh is available

John A Meinel john at arbash-meinel.com
Wed Nov 30 17:44:34 GMT 2005 

Matthew D. Fuller wrote:
> On Wed, Nov 30, 2005 at 10:43:00AM -0600 I heard the voice of
> John A Meinel, and lo! it spake thus:
>> We have no way of grabbing the password prompt, and overriding it.
>> I'm sure other programs have ways of handling this, since I've seen
>> a GTK box popup asking me for my ssh password. I saw the SSH_ASKPASS
>> environment variable, but I'm not sure how we could override this
>> for bzr's purposes.
> 
> According to the manpage (seemingly confirmed by a quick check I just
> made of the source), SSH_ASKPASS only matters if you don't have a tty,
> which we do in this case.

We do, but we would like to pass ssh the password that was set in the:
sftp://user:pass@host/
Location of the branch.

Also, I'm guessing that in the future we will have a bzr gui, which
would need to ask for the password in a different way. (Though it
wouldn't have to go through bzrlib for this, simply popping up the
standard GTK/KDE password prompt would be fine in most instances).

> 
> 
>> I don't know of any way to fix that, maybe we could override TTY).
> 
> Unfortunately (well, fortunately, if your goal is security ;) openssh
> grabs the tty by opening /dev/tty, not by trusting env variables.  So
> that's kinda out...
> 
> 
>> Any suggestions? Right now we just have the workarounds that
>> normally it will run in the same terminal as bzr is running, so the
>> prompt just shows up. And normally people want the real ssh because
>> they already have host keys, and specialized .ssh/config settings.
> 
> Well, if it's running through some kind of non-terminal, there's the
> SSH_ASKPASS option.  There IS support for using stdin/stdout if it
> fails to open the tty directly, IF a set of flags are set.  It's kinda
> twisted tracking down how things are called, but I don't think there's
> any way to get those flags set short of hacking the source.  I ended
> up going through this code looking for something similar a couple
> years back, and I'm still recovering.  (see the scars?)
> 
> 
> For the record, if somebody else wants to try and unwind it, it seems
> like things go through the function read_passphrase(), in readpass.c,
> which ends up calling readpassphrase() (without the underscore) which
> is in openbsd-compat/readpassphrase.c.  I'm pretty sure all the routes
> to this end up without the necessary flag being set, though.  These
> files/paths are from the copy in the FreeBSD src tree, which I believe
> is based on openssh (as opposed to openssh-portable).
> 
> 

I'm guessing it isn't worth hacking around. But thanks for letting us
know more information, in case someone really cares. I personally use
ssh keys & and ssh agent, so I've never had problems. But I was
wondering how it would work for other people.

John
=:->

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20051130/b9aa4991/attachment.pgp

More information about the bazaar mailing list