[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ssh private key password

On Fri, Jan 09, 2009 at 10:19:12AM -0600, Callum Lerwick wrote:
> On Fri, 2009-01-09 at 09:16 -0500, John W. Linville wrote:
> > On Thu, Jan 08, 2009 at 05:59:57PM -0500, Jesse Keating wrote:
> > > On Thu, 2009-01-08 at 23:42 +0100, nodata wrote:
> > > > 
> > > > No, I'm just getting annoyed that a GUI is popping up when I am using a
> > > > command line app. Not sure of the point of it, it seems counter
> > > > intuitive.
> > > 
> > > You're using a command line app from a graphical terminal.
> > 
> > I'm not sure I see your point.  Changing focus to another window just
> > to type a passphrase seems at best to add zero benefit and at worst
> > to provide surprise and distraction.  What is the benefit?
> http://man.root.cz/1/gnome-ssh-askpass/
> gnome-ssh-askpass will lock keyboard focus to its window, preventing
> focus stealing and key logging attacks from other X clients. It also
> aborts if it fails to gain a lock on the keyboard. Try starting two
> copies of gnome-ssh-askpass at the same time, and see what happens:
> $ /usr/libexec/openssh/gnome-ssh-askpass&/usr/libexec/openssh/gnome-ssh-askpass
> Seems to me it's much preferable to use gnome-ssh-askpass if you're in
> X, even in xterms.

That could be -- the key logging point seems worthwhile.  Thanks for
the explanation.
> (Getting real sick of these "I vote to change default functionality
> because I find it aesthetically displeasing and clearly I know better
> than the people who designed and implemented the functionality"
> threads.)

I suspect some of us are a bit sick of the indignation we get from
others who don't think we should bother asking questions of them
because clearly they know best...just sayin'...

John W. Linville
linville redhat com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]