blob: 2c9ce7339b098c78c08dc74f09a0b97ce75619b7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
% SSH-ASKPASS-NOINPUT
% chrysn <chrysn@fsfe.org>
% 2013-10-26
# NAME
ssh-askpass-noinput - an `ssh-askpass` implementation for asking allow/deny questions
# SYNOPSIS
*ssh-askpass-noinput* text
# DESCRIPTION
*ssh-askpass-noinput* is an implementation of *ssh-askpass*, which does not
acutally ask for a password; instead, it only asks a binary (allow/deny)
question and exits with 0 for allow and 1 for deny.
It is not intended as a general replacement for *ssh-askpass*, but for special
applications that don't care about a passphrase.
# OPTIONS
As usual with *ssh-askpass* implementations, *ssh-askpass-noinput* only takes a
single argument, which will be presented as the question.
# BACKGROUND AND APPLICATIONS
Some programs (*ssh-agent* and *ssh-agent-filter*) use *ssh-askpass* to have
users confirm actions without entering a passphrase; *ssh-agent* does this when
used via *ssh-add*'s `-c` option. They do not indicate that it is a binary
question (because in the classical *ssh-agent* invocation, there is no option to
do this), and expect the user to ignore the text input and click "OK" or
"Cancel", whereupon they read the askpass's exit status.
With programs that are known to only ask those questions, setting
`SSH_ASKPASS=ssh-askpass-noinput` in their environment will make them use this
particular implementation for their questions. It should never be installed as
`/usr/bin/ssh-askpass`.
# FUTURE
This solution is obviously a hack, which is needed until a way is established
and implemented for *ssh-askpass* to be used more flexibly.
# SEE ALSO
ssh-agent-filter(1), ssh-agent(1), ssh-askpass(1)
|