
[Bug 3320] New: Authentication hangs when SSH_ASKPASS_REQUIRE=prefer and remote host key fingerprint isn't known
https://bugzilla.mindrot.org/show_bug.cgi?id=3320

Bug ID: 3320
Summary: Authentication hangs when SSH_ASKPASS_REQUIRE=prefer
and remote host key fingerprint isn't known
Product: Portable OpenSSH
Version: 8.6p1
Hardware: 68k
OS: Mac OS X
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs@mindrot.org
Reporter: jack+portable-openssh-bugzilla@foys.net

Hello,

I set SSH_ASKPASS_REQUIRE=prefer so that git would use SSH_ASKPASS to
pull passphrases from an external keychain, even when run
interactively. I've unblocked myself from the problem below by setting
SSH_ASKPASS_REQUIRE only from .gitconfig.


Later, I discovered that with SSH_ASKPASS_REQUIRE=prefer, ssh hangs
when connecting to a new host. `ssh -v` shows the following, repeated:


debug1: read_passphrase: requested to askpass
debug1: read_passphrase: requested to askpass
debug1: read_passphrase: requested to askpass


After amending the custom askpass program to show its argv on stderr:


debug1: read_passphrase: requested to askpass
argv: The authenticity of host 'testhost (10.1.10.10)' can't be
established.
ED25519 key fingerprint is SHA256:<deleted>.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])?
debug1: read_passphrase: requested to askpass
argv: Please type 'yes', 'no' or the fingerprint:
debug1: read_passphrase: requested to askpass
argv: Please type 'yes', 'no' or the fingerprint:
debug1: read_passphrase: requested to askpass
argv: Please type 'yes', 'no' or the fingerprint:
debug1: read_passphrase: requested to askpass
argv: Please type 'yes', 'no' or the fingerprint:


It looks like all interactive input goes through read_passphrase() in
readpass.c, whether or not it's a credential. Is this intentional?

Possibly related:
https://bugzilla.mindrot.org/show_bug.cgi?id=3314
https://bugzilla.mindrot.org/show_bug.cgi?id=3226

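An added example, not part of the bug report or of OpenSSH: an askpass wrapper that tells the host-key confirmation prompts shown in the argv output above apart from credential prompts, declines the former, and fails closed on anything it does not recognise. The function names and the `KEYCHAIN_HELPER` variable (the command that fetches a passphrase from the keychain) are hypothetical; the matched prompt strings are the ones quoted in the report.

```shell
#!/bin/sh
# Added example: askpass wrapper for use with SSH_ASKPASS_REQUIRE=prefer.
# ssh passes the prompt text as the first argument (see the argv output above).

# classify_prompt PROMPT -> prints hostkey | credential | unknown
classify_prompt() {
    case "$1" in
        *"Are you sure you want to continue connecting"*|\
        *"Please type 'yes', 'no' or the fingerprint"*)
            echo hostkey ;;
        *[Pp]assphrase*|*[Pp]assword*)
            echo credential ;;
        *)
            echo unknown ;;
    esac
}

# askpass_reply PROMPT -> prints the reply ssh should read, or fails
askpass_reply() {
    case "$(classify_prompt "$1")" in
        hostkey)
            # Never accept an unknown host key from a non-interactive helper.
            # "no" is one of the answers the prompt itself lists.
            echo no ;;
        credential)
            # KEYCHAIN_HELPER is a hypothetical command name; with none
            # configured, `false` runs and no secret is printed.
            "${KEYCHAIN_HELPER:-false}" "$1" ;;
        *)
            # Unrecognised prompt: log it and fail closed.
            echo "askpass: refusing unrecognised prompt" >&2
            return 1 ;;
    esac
}

# Run as an askpass program only when ssh supplies a prompt argument.
if [ "$#" -gt 0 ]; then
    askpass_reply "$1"
    exit
fi
```

With this wrapper as SSH_ASKPASS, hosts that are not yet in known_hosts have to be verified and added in a separate step, since the wrapper always answers "no" to the confirmation.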