On November 11, tom@penumbra.be said:

> I've recently discovered a rather nasty bug. My login password is
> visible when I use the following command:
> arioch@server ~ $ ssh arioch@ sudo tail -f /var/log/messages; exit
> Password: ********** (user - masked)
> Password: my_not-so-secret-anymore_password (root - not masked)

This is because when you use ssh with an explicit command (in the
example above, your command is sudo), ssh doesn't bother allocating a
pseudo-tty for your session, which means that sudo's password-hiding
is not done, since it is not running within a terminal, as far as it

To force ssh to allocate a pseudo-tty, use -t, as in:

ssh -t arioch@ sudo tail -f /var/log/messages; exit

Use "man ssh" and search for pseudo-tty for more details.

Hope this helps,


openssh-unix-dev mailing list