- martin
Post a reply
Before posting, please read how to report bug or request support effectively.
Bug reports without an attached log file are usually useless.
Topic review
- Skeeve
To answer my own question and maybe to raise some attention of others who might have better ideas, here is what I've come up with.
I created a script in my target host's home directory containing this:
In my WinSCP settings for the host I have now this configured as shell:
Before I invoke the WinSCP session I log in to the target host starting
But while the script is waiting for the connection, after I entered my password, I start WinSCP and connect to my host. The
I created a script in my target host's home directory containing this:
#!/bin/sh
if [ -t 0 ] ; then # interactive
if [ -r $0.fifo ] ; then rm $0.fifo ; fi
mkfifo -m 600 $0.fifo
stty -echo
echo -n "Password for upcoming winscp session: "
read p
stty echo
echo
echo -n "Waiting for connection..."
echo $p > $0.fifo
echo
echo "Connected!"
rm $0.fifo
elif [ -r $0.fifo ] ; then # non interactive - fifo exists
cat $0.fifo
rm $0.fifo
fi
In my WinSCP settings for the host I have now this configured as shell:
SUDO_ASKPASS=mypass sudo -A su - TARGETUSER
Before I invoke the WinSCP session I log in to the target host starting
mypass, which will then ask me for the password and put it into a fifo. As soon as the fifo was read, I get the message "Connected" and the fifo gets removed.
But while the script is waiting for the connection, after I entered my password, I start WinSCP and connect to my host. The
sudo command of my shell-commands starts mypass and notices that it's non-interactive and that a password is waiting in the fifo. It reads the password, echos it to stdout (for sudo to read) and deletes the fifo. I delete the fifo twice just to be sure that it's removed, either by the writer or by the reader.
- Skeeve
WinSCP askpass tips please
I want to access files on remote servers where I'm just allowed to do
Unfortunately I have to enter my password for
I found out that I can use SCP as file protocol and as shell I use
The
This works fine except for the fact that
Does anyone here have any tip for me, how I can provide the password to
Note: I can't change the configuration of
sudo su - TARGETUSER
Unfortunately I have to enter my password for
sudo.
I found out that I can use SCP as file protocol and as shell I use
SUDO_ASKPASS=./mypass sudo -A su - TARGETUSER
The
mypass simply contains
#!/bin/sh
echo 'My Secret Password'
This works fine except for the fact that
./mypass has to contain my password.
Does anyone here have any tip for me, how I can provide the password to
sudo without having to store it in clear text?
Note: I can't change the configuration of
sudo or anything of the system.