Bug 102434 - can't get password prompt on tty in vnc-4.0-0.beta3.5.1
can't get password prompt on tty in vnc-4.0-0.beta3.5.1
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: vnc (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Adam Tkac
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-08-14 20:42 EDT by Jonathan Kamens
Modified: 2013-04-30 19:33 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-24 03:51:26 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
new option -passwdInput. type -passwdInput=true to get passwd on stdin (1.92 KB, patch)
2006-10-10 04:06 EDT, Adam Tkac
no flags Details | Diff
recreated patch for src 4-1_1_2 (2.06 KB, patch)
2006-10-18 04:26 EDT, Adam Tkac
no flags Details | Diff

  None (edit)
Description Jonathan Kamens 2003-08-14 20:42:08 EDT
I have several expect scripts which run vncviewer and interact with it to send
the password to it.  In the new Raw Hide version of vnc, 4.0-0.beta3.5.1,
vncviewer now prompts for the password with a window instead of in the tty from
which it was run.  There is no way to disable this behavior.  There should be a
way to tell vncviewer to prompt for a password on the tty so that scripts which
rely on being able to send a password to vncviewer will continue to work (albeit
perhaps with mods to add the command-line option to toggle the tty-prompting
behavior).

In other words, in my mind this enhancement is actually a regression in
functionality.
Comment 1 Tim Waugh 2003-08-15 04:54:55 EDT
I think you can script passwords into vncviewer using vncpasswd to create a
password file and then specifying 'passwd=[file]' on the vncviewer command line.
 But vncpasswd is in the vnc-server package.

Would you like to suggest an option name for telling vncviewer to read the
password from its tty?
Comment 2 Jonathan Kamens 2003-08-15 09:05:44 EDT
Yes, that's what I ended up doing (vncpasswd), but it's far from an ideal 
solution, since it requires significant modifications to the calling script (as 
opposed to simply adding a command-line option to the vncviewer invocation to 
get tty prompting back) and since it requires exposing password information in  
a file.

I don't really care what the command-line option to get tty prompting is, as 
long as there is one :-).
Comment 3 Tim Waugh 2003-08-15 09:46:09 EDT
Why does using passwd=file require exposing password information in a file any
more than putting it in an expect script?
Comment 4 Jonathan Kamens 2003-08-15 11:01:28 EDT
I don't have the password hard-coded in the expect script.  I prompt the user 
for it and then pass it along to vncviewer.
Comment 5 Tim Waugh 2003-08-15 11:06:10 EDT
You could do the same with vncpasswd though, couldn't you?
Comment 6 Jonathan Kamens 2003-08-15 11:07:40 EDT
I'm not sure what you mean.  Vncpasswd stores the password in a file.  It's 
encoded, yes, but it's a trivial encoding which is easy to break.  This file is 
then passed to vncserver as a command-line argument.  In the interim the 
password is exposed in the file.

If vncviewer prompts for the password on the tty directly, it is never stored 
in a file.
Comment 7 Bill Nottingham 2006-08-07 21:45:24 EDT
'Red Hat Raw Hide' refers to the development tree for Red Hat Linux.
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still
running Red Hat Linux, you are strongly advised to upgrade to a
current Fedora Core release or Red Hat Enterprise Linux or comparable.
Some information on which option may be right for you is available at
http://www.redhat.com/rhel/migrate/redhatlinux/.

Red Hat apologizes that these issues were not resolved in a more
timely manner. However, we do want to make sure that important 
don't slip through the cracks. If these issues are still present
in a current release, such as Fedora Core 5, please move these
bugs to that product and version. Note that any remaining Red Hat
Raw Hide bugs will be closed as 'CANTFIX' on September 30, 2006.
Thanks again for your help.
Comment 8 Jonathan Kamens 2006-09-03 03:14:32 EDT
Still a problem in vnc-4.1.2-3.fc6 in Fedora Core devel.
Comment 9 Adam Tkac 2006-10-04 08:22:42 EDT
If I understand well you want pass password through vncviewer option, don't you??
Comment 10 Jonathan Kamens 2006-10-04 20:43:19 EDT
No, I don't want to pass the password through a command-line option.  That's a
security hole, since other people will be able to see the password on the
command line by running "ps".  I want to be able to feed the password to
vncviewer on stdin, just as I could before it started insisting on prompting for
it in an X window.  In other words, I want there to be a command-line option
which tells vncviewer to prompt for the password on stdin instead of graphically.
Comment 11 Adam Tkac 2006-10-10 04:06:15 EDT
Created attachment 138122 [details]
new option -passwdInput. type -passwdInput=true to get passwd on stdin

I've added new vncviewer option to obtain password on stdin. You can now pass
your password through |.
Comment 12 Adam Tkac 2006-10-18 04:26:45 EDT
Created attachment 138766 [details]
recreated patch for src 4-1_1_2
Comment 13 Fedora Update System 2006-10-20 15:25:17 EDT
vnc-4.1.2-4.fc7 has been pushed for fc5, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
Comment 14 Adam Tkac 2006-10-24 03:51:26 EDT
oops, sorry for comment #13. vnc-4.1.2-4.fc6 has been pushed for fc6

Note You need to log in before you can comment on or make changes to this bug.