xpra icon
Bug tracker and wiki

This bug tracker and wiki are being discontinued
please use https://github.com/Xpra-org/xpra instead.

Opened 5 years ago

Closed 5 years ago

Last modified 17 months ago

#1645 closed enhancement (fixed)

Authorization Prompts

Reported by: vinglya Owned by: vinglya
Priority: major Milestone: 2.2
Component: client Version: trunk
Keywords: authorization prompt password Cc:


When attempting to connect to a secured XPRA server, especially through command line (i.e. xpra start ssl/user@host), if no password is specified through either password-file or on the command line, then XPRA should prompt for the password to use rather than exiting with an error.

This would allow for the password to be omitted from any environment variables, command lines or files where they may be sniffed by other processes.

Change History (6)

comment:1 Changed 5 years ago by Antoine Martin

Owner: changed from Antoine Martin to vinglya

Done in r16907.

This could be re-used for ssh prompts (#1646).


  • the server may timeout the connection if the user takes too long to supply the password (~60 seconds)
  • if the password is wrong the client exits without showing the password prompt again

@vinglya: please close if that works for you.

comment:2 Changed 5 years ago by vinglya

Works fine for me.

Of note - there's no prompt when doing an xpra info ssl/user@host.

comment:3 Changed 5 years ago by Antoine Martin

Resolution: fixed
Status: newclosed

Commands like "xpra info", "xpra version", etc are command line utilities with no GUI, adding a GUI prompt would cause problems with scripts.

comment:4 Changed 5 years ago by vinglya

Just as a note - when I'd mentioned prompting for password in IRC I had thought a simple call to python's getpass module would suffice to request it from stdin of the process rather than a GUI prompt. Either way this at least covers my usecase of only having to provide the password transiently.

comment:5 Changed 5 years ago by Antoine Martin

@vinglya: you're right about using getpass, r16940 does that for command line tools like "xpra info". We first check to see if we're running from a tty so this should remain compatible with any wrapper scripts.

Some minor related improvements in r16941.

r16942 also uses the same code for "xpra attach": if the user started the command from a terminal, we prompt for the password there instead of using the GUI. (minor gripe: if you just press enter from the getpass prompt, the GUI prompt still comes up..)

comment:6 Changed 17 months ago by migration script

this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/1645

Note: See TracTickets for help on using tickets.