On 11.12.2015 06:19, Andy Bradford said: >> when called as a process [1]. I don't know if this can be solved >> inside fossil; a workaround is to use a modified plink, e.g. that from >> TortoiseSVN. > > You can configure Fossil to use the modified plink. Use: > > fossil clone --ssh-command /path/to/modified/plink.exe -T -e none ...
That is exactly what I've done (and more, i.e. "fossil settings --global ssh-command PATH"). > >> Still there seems to be another problem with fossil: it does not pass >> the password to plink when it was given on the command line as in >> user:pass@host:port. > This is because Fossil does not interact with SSH, the end user does. > Fossil forks an SSH command, and you, the user, interact with any > prompts the SSH process issues. When you have completed entering > password information into SSH, Fossil now has a set of encrypted pipes > to read/write to via stdin/stdout. I agree. Still the documentation (e.g. fossil clone) mentions this possibility for ssh URL's ([userid[:password]@]host), so in my opinion either fossil passes the password further to plink (it cannot do this on Linux to ssh, since that one has no password argument), or it removes this altogether from documentation. Would it be an idea to detect the case Windows and no Pageant (or maybe add some new "-p" fossil argument) and implement password prompt inside fossil? Just contemplating... Side note: as for the security risk, I agree in principle, but since the user has already decided to type in his password on fossil's command line, the evil is there and passing it to plink makes it no worse. Daniel _______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
