[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OpenSSH uploaded replacing ssh, please test

On Thu, Nov 04, 1999 at 03:53:03PM +0000, Philip Hands wrote:
> > 	And here's ssh-askpass too. Consider it public domain.
> Is that attempting to do anything to stop people sniffing the
> passphrase?
> It needs to do the same sorts of tricks that xdm does to ensure that
> someone hasn't run an invisible keyboard-event grabber before running
> ssh-askpass.

	It grabs the X focus globally, in the same way xterm's
        Secure keyboard -option and ssh-askpass seem to do.
        I will not read the source of ssh-askpass, that might be
        viewed as copyright infrigment (sp?).

        I am no X expert, but I don't think there's more to do
        than that. Unless you want to lock the pages into memory
Havoc Consulting | unix, linux, perl, mail, www, internet, security consulting
+358 50 5486010  | software development, unix administration, training

Reply to: