Red Hat Bugzilla – Bug 102434
can't get password prompt on tty in vnc-4.0-0.beta3.5.1
Last modified: 2013-04-30 19:33:12 EDT
I have several expect scripts which run vncviewer and interact with it to send the password to it. In the new Raw Hide version of vnc, 4.0-0.beta3.5.1, vncviewer now prompts for the password with a window instead of in the tty from which it was run. There is no way to disable this behavior. There should be a way to tell vncviewer to prompt for a password on the tty so that scripts which rely on being able to send a password to vncviewer will continue to work (albeit perhaps with mods to add the command-line option to toggle the tty-prompting behavior). In other words, in my mind this enhancement is actually a regression in functionality.
I think you can script passwords into vncviewer using vncpasswd to create a password file and then specifying 'passwd=[file]' on the vncviewer command line. But vncpasswd is in the vnc-server package. Would you like to suggest an option name for telling vncviewer to read the password from its tty?
Yes, that's what I ended up doing (vncpasswd), but it's far from an ideal solution, since it requires significant modifications to the calling script (as opposed to simply adding a command-line option to the vncviewer invocation to get tty prompting back) and since it requires exposing password information in a file. I don't really care what the command-line option to get tty prompting is, as long as there is one :-).
Why does using passwd=file require exposing password information in a file any more than putting it in an expect script?
I don't have the password hard-coded in the expect script. I prompt the user for it and then pass it along to vncviewer.
You could do the same with vncpasswd though, couldn't you?
I'm not sure what you mean. Vncpasswd stores the password in a file. It's encoded, yes, but it's a trivial encoding which is easy to break. This file is then passed to vncserver as a command-line argument. In the interim the password is exposed in the file. If vncviewer prompts for the password on the tty directly, it is never stored in a file.
'Red Hat Raw Hide' refers to the development tree for Red Hat Linux. Red Hat Linux is no longer supported by Red Hat, Inc. If you are still running Red Hat Linux, you are strongly advised to upgrade to a current Fedora Core release or Red Hat Enterprise Linux or comparable. Some information on which option may be right for you is available at http://www.redhat.com/rhel/migrate/redhatlinux/. Red Hat apologizes that these issues were not resolved in a more timely manner. However, we do want to make sure that important don't slip through the cracks. If these issues are still present in a current release, such as Fedora Core 5, please move these bugs to that product and version. Note that any remaining Red Hat Raw Hide bugs will be closed as 'CANTFIX' on September 30, 2006. Thanks again for your help.
Still a problem in vnc-4.1.2-3.fc6 in Fedora Core devel.
If I understand well you want pass password through vncviewer option, don't you??
No, I don't want to pass the password through a command-line option. That's a security hole, since other people will be able to see the password on the command line by running "ps". I want to be able to feed the password to vncviewer on stdin, just as I could before it started insisting on prompting for it in an X window. In other words, I want there to be a command-line option which tells vncviewer to prompt for the password on stdin instead of graphically.
Created attachment 138122 [details] new option -passwdInput. type -passwdInput=true to get passwd on stdin I've added new vncviewer option to obtain password on stdin. You can now pass your password through |.
Created attachment 138766 [details] recreated patch for src 4-1_1_2
vnc-4.1.2-4.fc7 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
oops, sorry for comment #13. vnc-4.1.2-4.fc6 has been pushed for fc6