Use SSHPASS envvar instead of -p for sshpass (#3177)

From the sshpass manpage:

> The -p option should be considered the least secure of all of sshpass's options. All system users can see the password in the command line with a simple "ps" command. Sshpass makes a minimal attempt to hide the password, but such attempts are doomed to create race conditions without actually solving the problem. Users of sshpass are encouraged to use one of the other password passing techniques, which are all more secure.

This PR changes the sshpass behavior to execute a subprocess with the
SSHPASS envvar (which is generally regarded as more secure) rather than
using the -p option.
Seth Vargo 2017-08-15 19:43:39 -04:00 committed by Jeff Mitchell
parent 48bf1d6edc
commit c1e6e0bdf2


@ -184,11 +184,21 @@ func (c *SSHCommand) Run(args []string) int {
// Feel free to try and remove this dependency.
sshpassPath, err := exec.LookPath("sshpass")
if err == nil {
sshCmdArgs = append(sshCmdArgs, []string{"-p", string(resp.Key), "ssh", "-o UserKnownHostsFile=" + userKnownHostsFile, "-o StrictHostKeyChecking=" + strictHostKeyChecking, "-p", resp.Port, username + "@" + ip.String()}...)
sshCmdArgs = append(sshCmdArgs, []string{
"-e", // Read password for SSHPASS environment variable
"ssh",
"-o UserKnownHostsFile=" + userKnownHostsFile,
"-o StrictHostKeyChecking=" + strictHostKeyChecking,
"-p", resp.Port,
username + "@" + ip.String(),
}...)
if len(args) > 1 {
sshCmdArgs = append(sshCmdArgs, args[1:]...)
}
env := os.Environ()
env = append(env, fmt.Sprintf("SSHPASS=%s", string(resp.Key)))
sshCmd := exec.Command(sshpassPath, sshCmdArgs...)
sshCmd.Env = env
sshCmd.Stdin = os.Stdin
sshCmd.Stdout = os.Stdout
err = sshCmd.Run()
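Review bot: The OTP still lands in the child's environment at `env = append(env, fmt.Sprintf("SSHPASS=%s", string(resp.Key)))`, which keeps it out of `ps` argument listings but leaves it readable from the process environment by same-user processes and root. Unless the installed sshpass clears the variable (not visible here), it is also inherited by ssh and anything ssh spawns. sshpass also accepts the password on a file descriptor with `-d`, which can be fed from an `os.Pipe` through `sshCmd.ExtraFiles` so the secret appears in neither argv nor the environment; a sketch follows. Separately, the new inline comment should read `// Read password from the SSHPASS environment variable`. `Run` begins and ends outside this hunk, so error handling in the sketch is left as placeholders.

```go
// Hand the OTP to sshpass over a pipe rather than through the environment.
pr, pw, pipeErr := os.Pipe()
if pipeErr != nil {
	// … report and return, as the surrounding code does for other errors …
}
defer pr.Close()
// A short OTP fits in the pipe buffer, so writing before the child starts does not block.
if _, pipeErr = pw.WriteString(string(resp.Key) + "\n"); pipeErr != nil {
	// … report and return …
}
pw.Close()

sshCmdArgs = append(sshCmdArgs, []string{
	"-d", "3", // ExtraFiles[0] becomes fd 3 in the child
	"ssh",
	// … unchanged: ssh options, port, user@host …
}...)
// … unchanged: extra args appended from args[1:] …
sshCmd := exec.Command(sshpassPath, sshCmdArgs...)
sshCmd.ExtraFiles = []*os.File{pr}
// … unchanged: Stdin/Stdout wiring and Run …
```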