Bug#343267: openssh-client: scp should have a more descriptive prompt than "Password:"
Andrew Moise <chops@demiurgestudios.com> writes:
> Package: openssh-client
> Version: 1:4.2p1-5
> Severity: wishlist
> [moise@mole /etc/openvpn]$ sudo scp 'moise@qix.daybreak.com:/etc/openvpn/*' .
> Password:
> Password:
> Surely you can see the problem; without keeping careful track of
> time, it's impossible for me to know whether the prompt I'm
> presented with is a sudo prompt or an scp prompt. IMHO scp's prompt
> should say something akin to "Password for qix.daybreak.com:".
> I am aware that this would probably break some scripts.
> I am also filing a similar bug against sudo, since it's also guilty
> of an ambiguous password prompt.
If you're using ChallengeResponseAuthentication on the remote side, ssh
isn't generating the password prompt. It's giving you exactly the prompt
that the remote PAM module sent. And PAM modules generally do not use
distinguished prompts because that can expose what PAM module is running,
which is sometimes not desirable. (It also turns out that other password
prompts break some applications, such as some Windows ssh clients.)
If you use PasswordAuthentication, ssh will indeed produce a password
prompt like the one that you want.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: