[Pkg-shadow-devel] Bug#721954: Bug#721954: passwd: displays password when called via ssh directly
Alexander Gattin
xrgtn at yandex.ru
Fri Sep 6 06:26:53 UTC 2013
Hello,
On Thu, Sep 05, 2013 at 04:38:46PM -0700, Vagrant
Cascadian wrote:
> When called via ssh directly, it echoes the passphrase:
>
> vagrant at local:~$ ssh server passwd
> (current) UNIX password: dlkgfjsdgfkjsd
ssh <user at server> <command> doesn't allocate
pseudo terminal, therefore tcgetattr() + &=~ECHO +
tcsetattr() won't work.
You should use ssh -t <user at server> <command>
instead.
Some programs refuse to be started without a TTY,
e.g. screen:
> xrgtn at ux280p:~$ ssh xrgtn-guest at alioth.debian.org screen
> Must be connected to a terminal.
> xrgtn at ux280p:~$
I think this is the only thing we can do (refuse
to start passwd without a terminal).
--
With best regards,
xrgtn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20130906/4ef27e08/attachment.sig>
More information about the Pkg-shadow-devel
mailing list