Re: sudo password visible through ssh command line
Andrew Sackville-West <andrew@farwestbilliards.com> wrote:
> On Thu, Jul 10, 2008 at 01:04:31PM +0200, Javier Barroso wrote:
>> In sid with key passwordless auth :
>>
>> ssh user@server "sudo ls"
>> password: password
>>
>> And password is shown you
> I definitely consider that a bug. Who to file against? I don't know.
> Is this new behavior?
It's not a bug (well, not in the classic sense), and it's not new
behaviour.
> Su doesn't work at all.
su complains "su: must be run from a terminal", and this helps point
towards the underlying issue. When you run ssh with a command argument,
it does not (by default) create a terminal. This means there's no way
to disable echo, so sudo ends up prompting with a visible password.
The solution is to force ssh to allocate a pseudo-tty, with the -t flag:
ssh -t user@server sudo ls
Chris
Reply to: