Scroll to navigation

ssh-askpass(1) General Commands Manual ssh-askpass(1)

NAME

ssh-askpass
an X11-based pass-phrase dialog for use with OpenSSH

SYNOPSIS

ssh-askpass [options] [label]

DESCRIPTION

ssh-askpass is an X11-based pass-phrase dialog for use with OpenSSH. It is intended to be called from the ssh-add(1) program and not invoked directly.

ssh-askpass supports most standard Toolkit command line arguments, with the exception of -geometry, -borderwidth, -iconic, -rv, and -title. See X(1).

If exactly one non-option argument is provided on the command line, it is displayed in the dialog instead of the default label. If the argument contains newline characters ('\n'), each line of text is displayed on a separate line in the dialog.

The features of ssh-askpass are as follows:

  • Configurable via the standard X resource mechanisms /usr/X11R6/lib/X11/app-defaults, ~/.Xdefaults, xrdb(1), etc.
  • Requires only stock X11 libraries (libXt, libX11, libSM, libICE).
  • Can be configured to grab the keyboard and/or pointer (grabs the keyboard by default, not the pointer).

The user interface is somewhat different than most password/pass-phrase dialogs and more similar to the X11-based pass-phrase dialog that accompanies the regular SSH distribution. Instead of a text field that fills with asterisks or some other character as the user enters the pass-phrase, a series of LED-like areas light up one-by-one with each pass-phrase character entered, beginning from the left-hand edge of the dialog. When they reach the right-hand edge, they go dark one-by-one again, and so on. This gives the user feedback that pass-phrase characters have been entered, but does not provide onlookers with a cue as to the length of the pass-phrase.

Pressing the ‘OK’ button accepts the pass-phrase (even if it is empty), which is printed on the standard output, and the dialog exits with a status of zero (success). Pressing the ‘Cancel’ button discards the pass-phrase, and the dialog exits with non-zero status.

The following keystrokes work as expected:

[Backspace]
 
[Delete]
Erase previous character

[Control+U]
 
[Control+X]
Erase entire pass-phrase

[Enter]
 
[Control+M]
 
[Control+J]
Accept pass-phrase (OK)

[Escape]
Discard pass-phrase (Cancel)

WIDGETS

The main window of ssh-askpass has the widget hierarchy indicated below. The widget class name is given first, followed by the instance name.
Dialog
dialog

Indicator
indicator
Button
okButton
Button
cancelButton

RESOURCES

The following resources are used to customize the application globally:
(class GrabKeyboard)
specifies if the application should grab the keyboard.
Default value:
“True”.
(class GrabPointer)
specifies if the application should grab the pointer.
Default value:
“False”.
(class GrabServer)
specifies if the application should grab the server.
Default value:
“False”.
(class InputTimeout)
the number of seconds
ssh-askpass should wait for a key or button press before it gives up and exits. A timeout of “0” means wait forever.
Default value:
“0”.
(class DefaultXResolution)
the number of pixels per unit length that horizontal
spacing and width values are intended for. If the actual horizontal (x) resolution of the X server is significantly greater or less than this value, portions of the dialog, indicator, and button widgets are stretched or shrunk horizontally to take the difference into account. The value is a positive integer, followed by a slash (/) and a one- or two-character unit abbreviation. Valid units are inches (in or i) and meters (m).
Default value:
“75/in” (75 pixels per inch).
(class DefaultYResolution)
the number of pixels per unit length that vertical
spacing and height values are intended for. If the actual vertical (y) resolution of the X server is significantly greater or less than this value, portions of the dialog, indicator, and button widgets are stretched or shrunk vertically to take the difference into account. Valid values are the same as for defaultXResolution above.
Default value:
“75/in” (75 pixels per inch).
(class XResolutionFuzz)
the range of
“fuzz” around the value of defaultXResolution beyond which some widgets will be stretched or shrunk horizontally to fit the current actual horizontal resolution. Valid values are the same as for defaultXResolution. For example, if the default X resolution is “75/in”, and the X resolution fuzz is “50/in”, then widgets won't be scaled horizontally unless the actual horizontal resolution is less than 25 pixels per inch or greater than 125 pixels per inch.
Default value:
“20/in” (20 pixels per inch).
(class YResolutionFuzz)
the range of
“fuzz” around the value of defaultYResolution beyond which some widgets will be stretched or shrunk vertically to fit the current actual vertical resolution. Valid values are the same as for defaultXResolution above.
Default value:
“20/in” (20 pixels per inch).

The following resources are recognized by the Dialog widget:

(class Title)
The title of the application as specified to the window manager.
(class Label)
The label displayed above the led indicators.
(class Font)
The font to be used to display the label.

The following Resources are recognized by the dialog, button, and indicator widgets and the main widget to customize the 3D appearance (all measurements are in pixels):

(class Foreground)
The foreground color of the widget. This is the text color of the label for buttons and dialog and the color of the active led for the indicator.
(class Background)
The background color of the widget. In the case of the indicator this is the color of the inactive led.
(class TopShadowColor)
The color used by the sides of the widget exposed to the light (top and left).
(class BottomShadowColor)
The color used by the sides of the widget in the shadow (right and bottom).
(class ShadowTickness)
The thickness of the 3D border of the widget.
(class BorderColor)
The color of the border around the widget.
(class BorderWidth)
The width of the border around the widget.
(class HorizontalSpacing)
The space to leave on left and right sides of the widget.
(class VerticalSpacing)
The space to leave on top and bottom sides of the widget.

The following resources are recognized by the indicator widgets:

(class MinimumCount)
The minimum number of indicators to display in the dialog.
(class MaximumCount)
The maximum number of indicators to display in the dialog.

Each button uses the following resources to customize its label:

(class Label)
the string to display on the button.
(class Font)
the font to use for this button label.

FILES

/etc/X11/app-defaults/SshAskpass
 

SEE ALSO

X(1), ssh(1), ssh-agent(1)

LICENSE

[This program is actually called x11-ssh-askpass upstream, hence the use of that name in this section]

Some portions of x11-ssh-askpass are derived directly or indirectly from portions of xscreensaver by Jamie Zawinski <jwz@jwz.org>, while others are original works.

xscreensaver, Copyright © 1991-1999 Jamie Zawinski ⟨jwz@jwz.org⟩

Permission to use, copy, modify, distribute, and sell this software and its documentation for any purpose is hereby granted without fee, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation. No representations are made about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty.

The remaining portions fall under the following copyright and license:

x11-ssh-askpass by Jim Knoble ⟨jmknoble@pobox.com⟩ Copyright © 1999,2000,2001 Jim Knoble

Permission to use, copy, modify, distribute, and sell this software and its documentation for any purpose is hereby granted without fee, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation.

September 17, 2001 Version 1.2.4.1