Skip to content

Inspect SSH_ASKPASS_PROMPT in SSH_ASKPASS script for reliability #86319

New issue
New issue
Open
#86354
Open
Inspect SSH_ASKPASS_PROMPT in SSH_ASKPASS script for reliability#86319
#86354
Labels
featureThis issue/PR relates to a feature request.has_prThis issue has an associated PR.needs_triageNeeds a first human triage before being processed.
@sivel

Description

@sivel
sivel
opened on Dec 10, 2025

Summary

openssh sets a SSH_ASKPASS_PROMPT env var to help instruct the askpass program what to do. I've looked through the code, and believe it supports:

  • confirm - yes/no question
  • none - information only?
  • '' empty or missing, anything else? - input

An example implementation of using this can be found at https://github.com/openssh/openssh-portable/blob/94bf1154b4132727114f222a587daeac101f1f5b/contrib/gnome-ssh-askpass2.c#L172-L185

This may be more reliable that only looking at certain messages, although it is probably best to leave the regex alone, just to continue to ensure behavior matching with sshpass.

Issue Type

Feature Idea

Component Name

lib/ansible/cli/_ssh_askpass.py

Additional Information

NA

Code of Conduct

  • I agree to follow the Ansible Code of Conduct

Metadata

Metadata

Assignees

No one assigned

    Labels

    featureThis issue/PR relates to a feature request.has_prThis issue has an associated PR.needs_triageNeeds a first human triage before being processed.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions