Home |
Licence |
FAQ |
Docs |
Download |
Keys |
Links
Mirrors |
Updates |
Feedback |
Changes |
Wishlist |
Team
Several people have asked for password/passphrase prompts etc to appear in dialogue boxes in Plink and/or PuTTY, rather than inlined into the terminal output. There are a couple of good reasons you might want to do this.
For instance, if you're using Plink with CVS but not using passphraseless keys or Pageant, the interface for typing your password is less than ideal (you have to find the relevant command window and type blind into it, apparently).
Similarly if we ever get a Plink/PuTTY mode where no terminal session is required (e.g. it's used for forwarding only).
Also, GUI popups provide some degree of assurance against spoofing attacks; with password/passphrase prompts in the same terminal window as everything else, it's not always easy to be sure that your password is going where you expect, whereas a dialog box is somewhat harder to spoof. (Although we need to clearly distinguish local prompts such as key passphrases from remote prompts, especially keyboard-interactive, where the server would like to control as much of the prompt window as possible. Not sure of the best way to do this yet.)
On Windows, Plink can create dialog boxes despite being a console-mode
program. On Unix, we wouldn't want to add a dependency to Gtk to Plink
just for this; we can probably implement the ssh-askpass
interface, although it would look a bit naff (existing passphrase
requesters mention OpenSSH in the dialog caption, and only allow one
prompt at a time).
ssh-askpass
interface is rather
simple: a prompt (may contain newlines) is optionally passed in as
the first argument, the passphrase is spit out on stdout with a
newline, and exit status is zero for success and non-zero for failure
or user cancellation.
All optional, of course.
Someone's already created a patch to build a GUI Plink for TortoiseCVS.
Audit trail for this wish.