Bug#245991: ssh-add echoes passphrase to the terminal
Package: ssh
Version: 1:3.8p1-3
Severity: normal
I just went to use ssh-add and noticed that it is now echoing my
passphrase directly to the terminal. I'm not sure exactly when this
started occuring, it must be within the last couple of days as I
probably last used ssh-add two or three days ago, i've just rebooted
so had to use it again.
I consider this a critical bug as I couldn't use ssh-add anywhere
public and be happy I wasn't sharing my passphrase with other people
in the room.
Stephen Quinney
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.5
Locale: LANG=C, LC_CTYPE=C
Versions of packages ssh depends on:
ii adduser 3.52 Add and remove users and groups
ii debconf 1.4.22 Debian configuration management sy
ii dpkg 1.10.20 Package maintenance system for Deb
ii libc6 2.3.2.ds1-12 GNU C Library: Shared libraries an
ii libpam-modules 0.76-19 Pluggable Authentication Modules f
ii libpam-runtime 0.76-19 Runtime support for the PAM librar
ii libpam0g 0.76-19 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7d-1 SSL shared libraries
ii libwrap0 7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.2.1-5 compression library - runtime
-- debconf information:
ssh/insecure_rshd:
ssh/privsep_ask: true
* ssh/user_environment_tell:
* ssh/forward_warning:
* ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
ssh/rootlogin_warning:
* ssh/upgrade_to_openssh: true
* ssh/SUID_client: true
* ssh/protocol2_default:
* ssh/privsep_tell:
* ssh/ssh2_keys_merged:
ssh/ancient_version:
ssh/protocol2_only: true
ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true
Reply to: