From 371f1ef140895e54047a16a8278a272c6c8aaf2c Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20K=C3=A4stner?= Date: Wed, 5 Nov 2014 15:35:16 +0100 Subject: [PATCH] added description, known issues and deployment --- README.md | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d487983..4aaed28 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,26 @@ askpass.sh ========== -akspass script in bash with visual feedback +An akspass script in bash with visual feedback. + +Why +--- +In general there is no feedback when entering passwords in commandline programs. This can lead to the problem that you enter your password into another application that just got the focus while you were typing. You don't get suspicious because there is no difference between no feedback an typing elsewhere. And then you you've postet your password to a publick chatroom... + +Known Issues +------------ +- sometimes entering a pasword can't be aborted (at least when used with sudo), ctrl + c doesn't work well, ctrl + d doesn't work very well + +Deployment +---------- +- I copied the script to a directory owned by root and changed owner and group to root +- sudo, /etc/sudoers: + - make sudo echo stars when you type the password: `Defaults pwfeedback` + - specify a default program that is used to read the password: `Defaults askpass = /path/to/askpass.sh` + - is only used, when sudo is invoked with option -A and can be overwritten by the environment variable SUDO_ASKPASS + - I use: `alias sudo='SUDO_ASKPASS=/path/to/askpass.sh /usr/bin/sudo -A '` +- encfs: + - just add the option --extpass=/path/to/askpass.sh +- su doesn't seem to have a similar option :-( +- ssh doesn't provide this option for terminal use :-( + -- 2.30.2