Subject: pubkey auth needs to verify supplied passphrase

pubkey auth needs to verify supplied passphrase

From: suyog jadhav <>
Date: Mon, 29 Mar 2010 18:04:57 +0530 (IST)

Hi, The scenario is like the follows, I have a key which has passphrase as NULL(no passphrase). Now I give it as parameter to libssh2_userauth_publickey_fromfile along with NOT-NULL(anything) passphrase. The pubkey auth succeeds in this case,as there is nowhere check for this scenario. I understand that default ssh client doesn't ask for passphrase for such key,which was the requirement for such case,I think. Anyway,my application asks user to configure these values (pubkey path,passphrase).Now if user has given SOME passphrase for a key which doesn't require passphrase, all the operations such as login and command execution succeeds contrary to wrong configuration. There is no way to detect this and notify user. I am trying to find a way around this,but could anybody please suggest where is the appropriate place to put such check and transmit that error back? I have also raised a ticket for a fix similar to this problem. Regards Suyog The INTERNET now has a personality. YOURS! See your Yahoo! Homepage.

Received on 2010-03-29