Re: login passwd not masked in remote command modus
This is a discussion on Re: login passwd not masked in remote command modus within the OpenSSH Development forums, part of the Networking and Network Related category; On November 11, tom@penumbra.be said: > I've recently discovered a rather nasty bug. My login password is &...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-11-2005
|
|||
|
|||
Re: login passwd not masked in remote command modus
On November 11, tom@penumbra.be said:
> I've recently discovered a rather nasty bug. My login password is > visible when I use the following command: > > arioch@server ~ $ ssh arioch@192.168.0.1 sudo tail -f /var/log/messages; exit > Password: ********** (user - masked) > Password: my_not-so-secret-anymore_password (root - not masked) This is because when you use ssh with an explicit command (in the example above, your command is sudo), ssh doesn't bother allocating a pseudo-tty for your session, which means that sudo's password-hiding is not done, since it is not running within a terminal, as far as it knows. To force ssh to allocate a pseudo-tty, use -t, as in: ssh -t arioch@192.168.0.1 sudo tail -f /var/log/messages; exit Use "man ssh" and search for pseudo-tty for more details. Hope this helps, --dkg _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org http://www.mindrot.org/mailman/listi...enssh-unix-dev 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 09:29 AM.
