KWALLETASKPASS(1) | General Commands Manual | KWALLETASKPASS(1) |
kwalletaskpass
—
kwallet-based pass-phrase dialog for use with
OpenSSH
kwalletaskpass |
[options] label |
kwalletaskpass
is a kwallet- and
pinentry-based pass-phrase dialog for use with OpenSSH. It is intended to be
called from the ssh-add(1) program and not invoked
directly.
If a passphrase is requested,
kwalletaskpass
works by first looking up the
passphrase in the KWallet by means of kwalletcli(1); using
it if found, then calling kwalletcli_getpin(1) to
interactively retrieve an answer from the user via
pinentry
otherwise. If the user specifies a
passphrase, kwalletcli_getpin(1) is run again to ask if
the passphrase should be stored in the KWallet. Negative answers will be
stored in the KWallet to avoid being asked each time.
kwalletaskpass
uses the KWallet folders
kwalletaskpass
and
kwalletaskpass-blacklist
with matching entry
names.
If anything other than a key passphrase is requested, it is merely relayed to kwalletcli_getpin(1). Some requests are known to require a boolean answer and are relayed using the boolean query flag; all others are relayed using a PIN query. ssh(1) accepts either the literal word “yes” (case-insensitively matched) or an empty answer (both only when using the OK button) as confirmation.
There are currently no options.
kwalletaskpass
exits 0 on success, 1 if
the user cancelled the dialogue, or >1 if an error occurred.
DISPLAY
kwalletcli
will not be called.PINENTRY
pinentry
program to use. The default is
inherited from kwalletcli_getpin(1).kwalletcli(1), kwalletcli_getpin(1), ssh-add(1), ssh-askpass(1)
kwalletaskpass
was written by
mirabilos ⟨m@mirbsd.org⟩ mostly for
tarent solutions GmbH. The idea came from an
askpass.C file found somewhere on the 'net, with no
author information. Since it was licenced less freely, this is a rewrite
from scratch; modular and with more functionality, too.
December 25, 2018 | Debian |