ssh private key password
John W. Linville
linville at redhat.com
Fri Jan 9 16:26:14 UTC 2009
On Fri, Jan 09, 2009 at 10:19:12AM -0600, Callum Lerwick wrote:
> On Fri, 2009-01-09 at 09:16 -0500, John W. Linville wrote:
> > On Thu, Jan 08, 2009 at 05:59:57PM -0500, Jesse Keating wrote:
> > > On Thu, 2009-01-08 at 23:42 +0100, nodata wrote:
> > > >
> > > > No, I'm just getting annoyed that a GUI is popping up when I am using a
> > > > command line app. Not sure of the point of it, it seems counter
> > > > intuitive.
> > >
> > > You're using a command line app from a graphical terminal.
> >
> > I'm not sure I see your point. Changing focus to another window just
> > to type a passphrase seems at best to add zero benefit and at worst
> > to provide surprise and distraction. What is the benefit?
>
> http://man.root.cz/1/gnome-ssh-askpass/
>
> gnome-ssh-askpass will lock keyboard focus to its window, preventing
> focus stealing and key logging attacks from other X clients. It also
> aborts if it fails to gain a lock on the keyboard. Try starting two
> copies of gnome-ssh-askpass at the same time, and see what happens:
>
> $ /usr/libexec/openssh/gnome-ssh-askpass&/usr/libexec/openssh/gnome-ssh-askpass
>
> Seems to me it's much preferable to use gnome-ssh-askpass if you're in
> X, even in xterms.
That could be -- the key logging point seems worthwhile. Thanks for
the explanation.
> (Getting real sick of these "I vote to change default functionality
> because I find it aesthetically displeasing and clearly I know better
> than the people who designed and implemented the functionality"
> threads.)
I suspect some of us are a bit sick of the indignation we get from
others who don't think we should bother asking questions of them
because clearly they know best...just sayin'...
John
--
John W. Linville
linville at redhat.com
More information about the fedora-devel-list
mailing list