On Fri, May 28, 2010 at 12:32:33PM +0200, Dejan Muhamedagic wrote: > On Fri, May 28, 2010 at 11:07:53AM +0200, Lars Ellenberg wrote: > > On Thu, May 27, 2010 at 09:48:15PM -0600, Tim Serong wrote: > > > On 5/27/2010 at 10:24 PM, Lars Ellenberg <[email protected]> > > > wrote: > > > > On Thu, May 27, 2010 at 12:46:14AM +0200, Matthias Ferdinand wrote: > > > > > --On Wednesday, May 26, 2010 12:00:02 -0600 > > > > > [email protected] wrote: > > > > > >> OK, but it'd be still better/easier to just use ssh with public > > > > > >> key authentication. For telnet, there is a python plugin > > > > > >> ibmrsa-telnet which could be modified for iLO. > > > > > > > > > > > > DISPLAY=dummy SSH_ASKPASS=/bin/my_cat_passwd_file.sh ssh somewhere > > > > > > my_cat_passwd_file.sh: > > > > > ># !/bin/sh > > > > > > cat /etc/passwd_file > > > > > > > > > > > > /etc/passwd_file: 0600 root root containing your password ;-) > > > > > > > > > thank you for your hints. SSH_ASKPASS did not work for me (using > > > > > password > > > > > auth), ssh keeps prompting for the password. Apparently SSH_ASKPASS > > > > > is for > > > > > passphrases only. > > > > > > > > No. But as long as ssh _does_ have a tty, it will ask for the password > > > > on the tty ;-) > > > > Only if it does not find a tty, it will use the askpass hook. > > > > > > > > > but as the script now does the job I think will just leave it at > > > > > that. > > > > > > > > It needs to work for you, that is what matters. > > > > > > If you still want to fiddle around with SSH_ASKPASS, it might help to > > > redirect stdin from /dev/null... > > > > Nope. > > ssh explicitly opens /dev/tty. > > So for it to not use the tty, it needs to have no tty ;-) > > To get rid of a tty, you usually do setsid. > > Isn't there a ssh option for this, i.e. don't allocate tty?
Well, yes. That's one way I tested my claim that it works ;-) ssh -T into an other box, causing me to not have a tty there, and then doing the DISPLAY=dummy SSH_ASKPASS=script trick. But it won't help for the described (and already solved) problem. Best solution is to use key based auth. > Though this is really getting out of control ;-) -- : Lars Ellenberg : LINBIT | Your Way to High Availability : DRBD/HA support and consulting http://www.linbit.com DRBD® and LINBIT® are registered trademarks of LINBIT, Austria. _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
