NAME¶
kwalletaskpass
—
kwallet-based pass-phrase dialog for use with
OpenSSH
SYNOPSIS¶
kwalletaskpass |
[ options ]
label |
DESCRIPTION¶
kwalletaskpass
is a kwallet- and
pinentry-based pass-phrase dialog for use with OpenSSH. It is intended to be
called from the
ssh-add(1) programme and not
invoked directly.
If a passphrase is requested,
kwalletaskpass
works by first looking up the passphrase in the KWallet by means of
kwalletcli(1); using it if found, then calling
kwalletcli_getpin(1) to interactively retrieve an
answer from the user via
pinentry
otherwise. If the user specifies a passphrase,
kwalletcli_getpin(1) is run again to ask if the
passphrase should be stored in the KWallet. Negative answers will be stored in
the KWallet to avoid being asked each time.
kwalletaskpass
uses the KWallet folders
kwalletaskpass
and
kwalletaskpass-blacklist
with matching
entry names.
If anything other than a key passphrase is requested, it is merely relayed to
kwalletcli_getpin(1). Some requests are known to
require a boolean answer and are relayed using the boolean query flag; all
others are relayed using a PIN query.
ssh(1)
accepts either the literal word “yes” (case-insensitively
matched) or an empty answer (both only when using the OK button) as
confirmation.
There are currently no options.
RETURN VALUES¶
kwalletaskpass
exits 0 on success, 1 if the
user cancelled the dialogue, or >1 if an error occured.
ENVIRONMENT¶
DISPLAY
- The X11 display to use for child processes. If this is unset or empty,
kwalletcli
will not be called.
PINENTRY
- The
pinentry
programme to use. The
default is inherited from
kwalletcli_getpin(1).
SEE ALSO¶
kwalletcli(1),
kwalletcli_getpin(1),
ssh-add(1),
ssh-askpass(1)
AUTHORS¶
kwalletaskpass
was written by
Thorsten Glaser
⟨tg@mirbsd.org⟩ mostly for tarent GmbH. The idea came from an
askpass.C file found somewhere on the 'net,
with no author information. Since it was licenced less freely, this is a
rewrite from scratch; modular and with more functionality, too.