simon-git: putty (master): Simon Tatham

Commits to Tartarus CVS repository. tartarus-commits at lists.tartarus.org
Thu Mar 17 18:58:26 GMT 2016


TL;DR:
  0fadffe Add command-line passphrase-file options to command-line PuTTYgen.

Repository:     git://git.tartarus.org/simon/putty.git
On the web:     http://tartarus.org/~simon-git/gitweb/?p=putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2016-03-17 18:58:26

commit 0fadffe0cbd191c3125834a1445ebe1885a88295
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=0fadffe0cbd191c3125834a1445ebe1885a88295;hp=5c5879b99d2a0785095a384f48a2d934e1b2d4c5
Author: Simon Tatham <anakin at pobox.com>
Date:   Thu Mar 17 18:42:46 2016 +0000

    Add command-line passphrase-file options to command-line PuTTYgen.
    
    Patch due to Colin Watson.
    
    Putting the passphrase in a file avoids exposing it to 'ps' which can
    print out every process's command line, while at the same time not
    being as platform-specific as the approach of providing an fd number
    (since cmdgen.c is in principle a potential cross-platform PuTTYgen,
    not just a Unix one, which is why it's not in the 'unix' directory).
    
    Of course it introduces its own risks if someone can read the file
    from your disk after you delete it; probably the best approach to
    avoiding this, if possible, is to point the option at a file on an
    in-memory tmpfs type file system. Or better still, use bash-style
    /dev/fd options such as
    
      puttygen --new-passphrase <(echo -n "my passphrase") [options]
    
    Failing that, try a secure file-wipe utility, as the man page change
    mentions.
    
    (And a use case not to be overlooked, of course, is the one where you
    actually want to generate an unprotected key - in which case, just
    pass /dev/null as the filename.)

 cmdgen.c       |  149 +++++++++++++++++++++++++++++++++++++-------------------
 doc/man-pg.but |   20 ++++++--
 2 files changed, 114 insertions(+), 55 deletions(-)



More information about the tartarus-commits mailing list