Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

show ssh passwords as I type?

 
Jennifer O'Donnell
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My keyboard sometimes sticks and on days when I'm entering ssh passwords all day (and there is nobody standing behind me - I checked), is there a way linux will let me see the passwords I enter on the command line?
 
Charles Lyons
Author
Ranch Hand
Posts: 836
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I would guess not as the OpenSSH guys in particular are very hot on security. Usually this works by temporarily disabling terminal echo, so it isn't possible to override it without patching the source code.

Alternatively, have you considered setting up PKC certs? You only need one to identify yourself by, then install it on every machine you use in your home directory. SSH will then authenticate you by certs rather than password. You can secure the private key on your machine with a password---type it once and get immediate access to all other machines. Linux SSH clients and Putty both support it. See for example, here.
 
Pat Farrell
Rancher
Posts: 4678
7
Linux Mac OS X VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Get a new keyboard.

Showing passwords is bad security, and the SSH, OpenSSL, and similar folks are serious about good security.
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
in 'the old days', some terminal emulators had a setting to allow a 'local echo'. Any character printed locally gets printed, and then printed again when returned from the server. When the remote machine doesn't send the character (such as when logging in) you still get the locally created copy.
 
Pat Farrell
Rancher
Posts: 4678
7
Linux Mac OS X VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by David O'Meara:
in 'the old days', some terminal emulators had a setting to allow a 'local echo'.

Actually, I worked on terminals, not terminal emulators in the olden days.

But for password fields, the system would typically output six or eight random characters, a return, six or eight more, a return, etc. until there was a random wad of ink on each character position. This kept folks from retrieving the password. This worked with either local echo, or remote echo.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18215
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Pat Farrell:
Get a new keyboard.

Showing passwords is bad security, and the SSH, OpenSSL, and similar folks are serious about good security.


Actually, ALL Unix/Linux system developers are serious about good security. It's why in order to get Linux to demonstrate "more security problems than Windows", they have to include all the free applications in the security error count on Linux but just the core Windows on Windows.

Unix grew up in a rough neighborhood. Keeping yourself safe was essential. These days, everywhere is a rough neighborhood.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic