diff options
| author | Shulhan <ms@kilabit.info> | 2023-11-18 22:40:35 +0700 |
|---|---|---|
| committer | Shulhan <ms@kilabit.info> | 2023-11-18 22:46:01 +0700 |
| commit | 43d39b3aa9154f68396a5bb613bc57f7ef1599e7 (patch) | |
| tree | c8b093b1bd33c571305be06ac4af11e85edd56dd /lib/ssh | |
| parent | cbe11eddc3c2bdda7348fbe8add9a4e28443906b (diff) | |
| download | pakakeh.go-43d39b3aa9154f68396a5bb613bc57f7ef1599e7.tar.xz | |
lib/crypto: add support for reading passphrase using SSH_ASKPASS
If the library failed to changes os.Stdin to raw, it will try to use
a program defined in SSH_ASKPASS environment variable.
The SSH_ASKPASS is controlled by environment SSH_ASKPASS_REQUIRE.
- If SSH_ASKPASS_REQUIRE is empty the passphrase will read from
terminal first, if not possible then using SSH_ASKPASS program.
- If SSH_ASKPASS_REQUIRE is set to "never" the passphrase will read
from terminal only.
- If SSH_ASKPASS_REQUIRE is set to "prefer", the passphrase will read
using SSH_ASKPASS program not from terminal, but require
DISPLAY environment to be set.
- If SSH_ASKPASS_REQUIRE is set to "force", the passphrase will read
using SSH_ASKPASS program not from terminal, without checking DISPLAY
environment.
This changes affect the [ssh.NewClientInteractive] indirectly.
Diffstat (limited to 'lib/ssh')
| -rw-r--r-- | lib/ssh/client.go | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/ssh/client.go b/lib/ssh/client.go index 420170c1..8311550b 100644 --- a/lib/ssh/client.go +++ b/lib/ssh/client.go @@ -50,7 +50,8 @@ type Client struct { // IdentityFile directive is specified in the Host section. // // If the IdentityFile is encrypted, it will prompt for passphrase in -// terminal. +// terminal or from program defined in SSH_ASKPASS, see +// [crypto.LoadPrivateKeyInteractive] for more information. // // The following section keys are recognized and implemented by Client, // - Hostname |