diff --git a/cmdline.c b/cmdline.c index 62d65e19..18781469 100644 --- a/cmdline.c +++ b/cmdline.c @@ -584,6 +584,32 @@ int cmdline_process_param(const char *p, char *value, } } + if (!strcmp(p, "-pwfile")) { + RETURN(2); + UNAVAILABLE_IN(TOOLTYPE_NONNETWORK); + SAVEABLE(1); + /* We delay evaluating this until after the protocol is decided, + * so that we can warn if it's of no use with the selected protocol */ + if (conf_get_int(conf, CONF_protocol) != PROT_SSH) + cmdline_error("the -pwfile option can only be used with the " + "SSH protocol"); + else { + Filename *fn = filename_from_str(value); + FILE *fp = f_open(fn, "r", false); + if (!fp) { + cmdline_error("unable to open password file '%s'", value); + } else { + cmdline_password = chomp(fgetline(fp)); + if (!cmdline_password) { + cmdline_error("unable to read a password from file '%s'", + value); + } + fclose(fp); + } + filename_free(fn); + } + } + if (!strcmp(p, "-agent") || !strcmp(p, "-pagent") || !strcmp(p, "-pageant")) { RETURN(1); diff --git a/doc/index.but b/doc/index.but index f7e7145a..0629f81b 100644 --- a/doc/index.but +++ b/doc/index.but @@ -245,6 +245,7 @@ saved sessions from \IM{-m} \c{-m} command-line option \IM{-P-upper} \c{-P} command-line option \IM{-pw} \c{-pw} command-line option +\IM{-pwfile} \c{-pwfile} command-line option \IM{-A-upper} \c{-A} command-line option \IM{-a} \c{-a} command-line option \IM{-X-upper} \c{-X} command-line option diff --git a/doc/man-plink.but b/doc/man-plink.but index ea555abf..2a3b36c7 100644 --- a/doc/man-plink.but +++ b/doc/man-plink.but 
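Review bot: The assignment `cmdline_password = chomp(fgetline(fp));` in the new `-pwfile` branch of cmdline.c replaces whatever the pointer held before without wiping or freeing it. If an earlier `-pw` or a repeated `-pwfile` already set it (that code is outside this hunk, so this is inferred), the previous password stays behind in heap memory. Clearing first, e.g. `if (cmdline_password) { smemclr(cmdline_password, strlen(cmdline_password)); sfree(cmdline_password); }`, would keep a single live copy of the secret. The branch also takes the file as it finds it: nothing visible here checks that it is readable only by the invoking user, and an empty first line appears to become a zero-length password rather than an error, so a comment stating the expected file permissions and the empty-line behaviour would help. cmdline_process_param starts and ends outside the hunk.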
@@ -114,11 +114,16 @@ sequences. These options override Plink's default behaviour to enable or disabling such filtering on the standard error and standard output channels. +\dt \cw{-pwfile} \e{filename} + +\dd Open the specified file, and use the first line of text read from +it as the remote password. + \dt \cw{-pw} \e{password} \dd Set remote password to \e{password}. \e{CAUTION:} this will likely make the password visible to other users of the local machine (via -commands such as \q{\c{w}}). +commands such as \q{\c{ps}} or \q{\c{w}}). Use \cw{-pwfile} instead. \dt \cw{\-L} \cw{[}\e{srcaddr}\cw{:]}\e{srcport}\cw{:}\e{desthost}\cw{:}\e{destport} diff --git a/doc/man-pscp.but b/doc/man-pscp.but index 402b9eef..544d3a40 100644 --- a/doc/man-pscp.but +++ b/doc/man-pscp.but @@ -101,11 +101,16 @@ channel from the server, to prevent remote processes sending confusing escape sequences. This option forces the standard error channel to not be filtered. +\dt \cw{-pwfile} \e{filename} + +\dd Open the specified file, and use the first line of text read from +it as the remote password. + \dt \cw{-pw} \e{password} \dd Set remote password to \e{password}. \e{CAUTION:} this will likely make the password visible to other users of the local machine (via -commands such as \q{\c{w}}). +commands such as \q{\c{ps}} or \q{\c{w}}). Use \cw{-pwfile} instead. \dt \cw{-1} diff --git a/doc/man-psftp.but b/doc/man-psftp.but index 4e92e48b..e0b48602 100644 --- a/doc/man-psftp.but +++ b/doc/man-psftp.but 
@@ -89,11 +89,16 @@ channel from the server, to prevent remote processes sending confusing escape sequences. This option forces the standard error channel to not be filtered. +\dt \cw{-pwfile} \e{filename} + +\dd Open the specified file, and use the first line of text read from +it as the remote password. + \dt \cw{-pw} \e{password} \dd Set remote password to \e{password}. \e{CAUTION:} this will likely make the password visible to other users of the local machine (via -commands such as \q{\c{w}}). +commands such as \q{\c{ps}} or \q{\c{w}}). Use \cw{-pwfile} instead. \dt \cw{-1} diff --git a/doc/using.but b/doc/using.but index 02a67808..8811b5fa 100644 --- a/doc/using.but +++ b/doc/using.but 
@@ -838,17 +838,23 @@ any case.) This option is equivalent to the port number control in the Session panel of the PuTTY configuration box (see \k{config-hostname}). -\S2{using-cmdline-pw} \i\c{-pw}: specify a \i{password} +\S2{using-cmdline-pw} \i\c{-pwfile} and \i\c{-pw}: specify a \i{password} A simple way to automate a remote login is to supply your password -on the command line. This is \e{not recommended} for reasons of -security. If you possibly can, we recommend you set up public-key -authentication instead. See \k{pubkey} for details. +on the command line. -Note that the \c{-pw} option only works when you are using the SSH -protocol. Due to fundamental limitations of Telnet, Rlogin, and -SUPDUP, these protocols do not support automated password -authentication. +The \c{-pwfile} option takes a file name as an argument. The first +line of text in that file will be used as your password. + +The \c{-pw} option takes the password itself as an argument. This is +\s{NOT SECURE} if anybody else uses the same computer, because the +whole command line (including the password) is likely to show up if +another user lists the running processes. \c{-pw} is retained for +backwards compatibility only; you should use \c{-pwfile} instead. + +Note that these options only work when you are using the SSH protocol. +Due to fundamental limitations of Telnet, Rlogin, and SUPDUP, these +protocols do not support automated password authentication. \S2{using-cmdline-agentauth} \i\c{-agent} and \i\c{-noagent}: control use of Pageant for authentication diff --git a/pscp.c b/pscp.c index 07546dd4..4e5d7cbf 100644 --- a/pscp.c +++ b/pscp.c 
@@ -2201,7 +2201,7 @@ static void usage(void) printf(" -load sessname Load settings from saved session\n"); printf(" -P port connect to specified port\n"); printf(" -l user connect with specified username\n"); - printf(" -pw passw login with specified password\n"); + printf(" -pwfile file login with password read from specified file\n"); printf(" -1 -2 force use of particular SSH protocol version\n"); printf(" -ssh -ssh-connection\n"); printf(" force use of particular SSH protocol variant\n"); diff --git a/psftp.c b/psftp.c index 993a3e35..4dc60dc1 100644 --- a/psftp.c +++ b/psftp.c @@ -2535,7 +2535,7 @@ static void usage(void) printf(" -load sessname Load settings from saved session\n"); printf(" -l user connect with specified username\n"); printf(" -P port connect to specified port\n"); - printf(" -pw passw login with specified password\n"); + printf(" -pwfile file login with password read from specified file\n"); printf(" -1 -2 force use of particular SSH protocol version\n"); printf(" -ssh -ssh-connection\n"); printf(" force use of particular SSH protocol variant\n"); diff --git a/unix/plink.c b/unix/plink.c index 74e772b4..69667a3d 100644 --- a/unix/plink.c +++ b/unix/plink.c @@ -516,7 +516,7 @@ static void usage(void) printf(" -sercfg configuration-string (e.g. 19200,8,n,1,X)\n"); printf(" Specify the serial configuration (serial only)\n"); printf("The following options only apply to SSH connections:\n"); - printf(" -pw passw login with specified password\n"); + printf(" -pwfile file login with password read from specified file\n"); printf(" -D [listen-IP:]listen-port\n"); printf(" Dynamic SOCKS-based port forwarding\n"); printf(" -L [listen-IP:]listen-port:host:port\n"); diff --git a/windows/plink.c b/windows/plink.c index 1c1872dc..8d3a75cf 100644 --- a/windows/plink.c +++ b/windows/plink.c 
@@ -138,7 +138,7 @@ static void usage(void) printf(" -sercfg configuration-string (e.g. 19200,8,n,1,X)\n"); printf(" Specify the serial configuration (serial only)\n"); printf("The following options only apply to SSH connections:\n"); - printf(" -pw passw login with specified password\n"); + printf(" -pwfile file login with password read from specified file\n"); printf(" -D [listen-IP:]listen-port\n"); printf(" Dynamic SOCKS-based port forwarding\n"); printf(" -L [listen-IP:]listen-port:host:port\n");