https://bugzilla.mindrot.org/show_bug.cgi?id=3644
Bug ID: 3644
Summary: Pass the number of attempt to SSH_ASKPASS
Product: Portable OpenSSH
Version: 9.4p1
Hardware: All
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-b...@mindrot.org
Reporter: flafyar...@gmail.com

I'm working on a script to make `ssh` request a passphrase from a command of my choice instead of prompting me for a passphrase directly. If the script doesn't find a passphrase through the command, it should prompt me to input a passphrase. Additionally, if the script got a passphrase from the command but the passphrase was not correct, it should prompt me to input a passphrase as well.

I've set

```
SSH_ASKPASS_REQUIRE=prefer
SSH_ASKPASS=<path to the following bash script>
```

bash script:

```
#!/usr/bin/env bash
# ssh passes its usual prompt as $1; extract the key file name from it.
key_name=$(echo "$1" | sed -n "s/.*\/\([^\/]*\)'.*/\1/p")
# Try the external passphrase command first.
pass=$(get-passphrase-command "$key_name")
if [ $? -eq 0 ]; then
    printf '%s\n' "$pass"
else
    echo "Couldn't find passphrase from Bitwarden." >&2
    # -r and an empty IFS keep backslashes and surrounding spaces intact.
    IFS= read -r -s -p "$1" passphrase
    echo "" >&2
    printf '%s\n' "$passphrase"
fi
```

`ssh` will run this script every time it wants to request a passphrase. If a passphrase returned by the script is not correct, `ssh` will run the script 2 more times.

The script does exactly what I've described except prompt me for a passphrase if it got an incorrect passphrase from the command. I can't pass information from one attempt to another, so the script has no idea if it failed already.

`ssh` passes the prompt it usually shows as the first argument (`$1`) to SSH_ASKPASS. To make my script possible, I propose also passing the number of attempted passphrases so far to SSH_ASKPASS as the second argument (`$2`). This way I'll be able to detect it is the script's second attempt at inputting a passphrase and not run the passphrase command again.
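A possible workaround with an unmodified `ssh`, as an added example that is not part of the bug report or of OpenSSH: the helper keeps its own attempt counter per `ssh` invocation and key in a private state directory. It assumes `ssh` executes the helper directly, so `$PPID` is the same on every retry; `state_dir`, `next_attempt`, `main` and the directory name are hypothetical, and `get-passphrase-command` is the placeholder from the report.

```bash
#!/usr/bin/env bash
# Added example, not from the bug report. Assumption: ssh execs the helper
# itself, so $PPID is identical for every retry of one ssh invocation.

# Print a private per-user state directory (it stores a counter, never a secret).
state_dir() {
  local dir
  dir="${XDG_RUNTIME_DIR:-${TMPDIR:-/tmp}}/askpass-attempts-$(id -u)"
  ( umask 077; mkdir -p "$dir" ) || return 1
  # Refuse a symlink or a directory owned by someone else (shared /tmp).
  { [ ! -L "$dir" ] && [ -O "$dir" ]; } || return 1
  printf '%s\n' "$dir"
}

# next_attempt KEY: print 1 on the first call for KEY, 2 on the second, ...
next_attempt() {
  local dir file n=0
  dir=$(state_dir) || return 1
  # Drop counters older than 10 minutes so a reused PID starts from 1 again.
  find "$dir" -type f -mmin +10 -exec rm -f {} + 2>/dev/null || true
  file="$dir/$1"
  if [ -f "$file" ]; then read -r n < "$file" || n=0; fi
  case $n in ''|*[!0-9]*) n=0 ;; esac   # corrupted counter: start over
  n=$((n + 1))
  printf '%s\n' "$n" > "$file"
  printf '%s\n' "$n"
}

main() {
  local prompt="$1" key_name attempt pass
  key_name=$(printf '%s\n' "$prompt" | sed -n "s/.*\/\([^\/]*\)'.*/\1/p")
  # Count per ssh process and per key, so a second identity file starts at 1.
  # If the counter cannot be kept, behave like a retry and ask the user.
  attempt=$(next_attempt "$PPID-$key_name") || attempt=2
  if [ "$attempt" -eq 1 ] && pass=$(get-passphrase-command "$key_name"); then
    printf '%s\n' "$pass"
    return 0
  fi
  # Retry after a rejected passphrase, or lookup failure: prompt on the terminal.
  IFS= read -r -s -p "$prompt" pass
  echo >&2
  printf '%s\n' "$pass"
}

# ssh always passes the prompt as $1; with no arguments only define the functions.
if [ "$#" -gt 0 ]; then main "$@"; fi
```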