[BUG] Password handling when real ssh is available
James Henstridge
james at jamesh.id.au
Fri Dec 2 01:27:51 GMT 2005
John A Meinel wrote:
>Matthew D. Fuller wrote:
>
>
>>On Wed, Nov 30, 2005 at 10:43:00AM -0600 I heard the voice of
>>John A Meinel, and lo! it spake thus:
>>
>>
>>>We have no way of grabbing the password prompt, and overriding it.
>>>I'm sure other programs have ways of handling this, since I've seen
>>>a GTK box popup asking me for my ssh password. I saw the SSH_ASKPASS
>>>environment variable, but I'm not sure how we could override this
>>>for bzr's purposes.
>>>
>>>
>>According to the manpage (seemingly confirmed by a quick check I just
>>made of the source), SSH_ASKPASS only matters if you don't have a tty,
>>which we do in this case.
>>
>>
>
>We do, but we would like to pass ssh the password that was set in the:
>sftp://user:pass@host/
>Location of the branch.
>
>
I'm not sure this use case is worth pursuing. I'd actually opt for
ignoring the password in the URL if given (with a warning). The SFTP
URI spec doesn't recommend it either:

    The convention of optionally including the
    password separated from the username by a ":" in the URI is NOT
    RECOMMENDED and is deprecated in accordance with [RFC3986].

and:

    6. Security Considerations

    Passwords SHOULD NOT be included within the URI it should be noted
    that doing so poses a security risk. Since URIs are usually sent in
    the clear with no encryption or other security, any password or other
    credentials included in the userinfo could be seen by a potential
    attacker.

>Also, I'm guessing that in the future we will have a bzr gui, which
>would need to ask for the password in a different way. (Though it
>wouldn't have to go through bzrlib for this, simply popping up the
>standard GTK/KDE password prompt would be fine in most instances).
>
>
For this case, maybe closing the ssh's stderr, and adding os.setsid() as
a preexec function to disconnect from the controlling tty would work here.
James.