<rdar://problem/30518544>

Created attachment 301534 [details] Patch

(In reply to comment #0) > When SSH commands and other tools using SSH are automated, they expect RSA > keys to be set up for automatic authentication. In some cases, this is not > possible. Can you elaborate why this is not possible?

Comment on attachment 301534 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=301534&action=review This is not the correct approach. > Tools/Scripts/command-with-password:29 > +set password [lindex $argv 0] > +set cmd [lrange $argv 1 end] It is not good security practice to pass a password as a command line argument. It makes the password observable to all users on the system.

Comment on attachment 301534 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=301534&action=review > Tools/Scripts/command-with-password:33 > + expect "Are you sure you want to continue connecting (yes/no)" { This makes the script specific to ssh and related tools, so the current name is too generic. Also, ideally we would use an ssh option to disable the check.

Just a quick note about the choice of an expect script here: The only other possible solution that I am aware of would be Fabric, and since I have not actually attempted to implement the Fabric version of this, I can't say definitively that Fabric would achieve our goals here. Even if Fabric is a possible solution, that would be a pretty large dependency, comparatively. We currently use Fabric on our bots, but it is not a required dependency locally.

The method for doing this has changed. This patch no longer applies.