Re: SSH clients and hiding passwords

Dan <user@xxxxxxxxxxx> wrote:
Ah, I am sensing them that I have a fundamentally wrong approach to
sending commands from my SSH client to a server. The method I have been
using thus far is that my "console" collects user input, which it adds
up into a string. When the user presses the "enter" key, the string is
sent to the SSH stream.

Correct me if I am wrong, but I have just learned that each key that is
pressed by the user at the SSH client is not displayed in the terminal
at that point, but is sent to the server, which echoes the input back to
the user's SSH client, and then it is displayed on the user's SSH

That's right. At least, usually; if the SSH client doesn't allocate
a pty at the server end, it will typically switch to behaving as you
describe in your first paragraph.

On a standard Unix OpenSSH setup, if you type `ssh hostname cat',
then ssh will not allocate a remote terminal, and the client will
echo your input locally and collect a whole line before sending it
(exactly as you describe).

However, if you type `ssh -t hostname cat', then ssh _will_ allocate
a remote terminal, will cease performing local echo or local line
editing, and will instead send your keystrokes one by one to the
server, which will echo them back to you in the course of collecting
a line at a time at _its_ end.

The two cases are visually indistinguishable to the user, but
examining them using `strace' shows a world of difference.
Simon Tatham "infinite loop _see_ loop, infinite"
<anakin@xxxxxxxxx> - Index, Borland Pascal Language Guide

Relevant Pages

  • Re: "reverse" SOCKS with Putty
    ... I wish to make a tunnel in order to "forward" the LAN to my home ... there are no SSH servers on the network used to play at school. ... by the server to unilaterally set up forwarded connections, ... tunnels for your application in your SSH client. ...
  • Re: Password works Public Key doesnt
    ... > TA> From a WinXP SSH client to a Win2K server I can connect using the ... When I try Public Key, I get this error: Server ... > * SSH client software and version? ...
  • Re: trouble tunneling
    ... JM> VNC server and an SSH server (SSH secure shell server evaluation ... JM> version) running on computer A. I use putty as my ssh client on B ... the SSH server would not be listening on 5900; your VNC server should ...
    ... Correct me if I am wrong, it appears that ssh and gnupg has similar ... Do I have to send my public key to ... the other machine (ssh client) and likewise do the same thing get a copy ... Is the passphrase function here same as in gnupg that if you have ...
  • Re: Using public key pair to authenticate
    ... I deliver support for the F-Secure SSH products and have this question ... The best thing to do would be to convert the public key into ... Copy the converted public key over to the SSH Server and place it ... into a tar file and untar them onto the SSH Client ...