allow some additional control over the use of ssh-askpass

via $SSH_ASKPASS_REQUIRE, including force-enable/disable.
bz#69 ok markus@

1 files changed, 23 insertions, 7 deletions

diff --git a/usr.bin/ssh/ssh-add.1 b/usr.bin/ssh/ssh-add.1
index f3db1956e1b..2786df51417 100644
--- a/usr.bin/ssh/ssh-add.1
+++ b/usr.bin/ssh/ssh-add.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-add.1,v 1.80 2020/06/26 05:04:07 djm Exp $
+.\"	$OpenBSD: ssh-add.1,v 1.81 2020/07/14 23:57:01 djm Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 26 2020 $
+.Dd $Mdocdate: July 14 2020 $
 .Dt SSH-ADD 1
 .Os
 .Sh NAME
@@ -174,7 +174,7 @@ Lock the agent with a password.
 .El
 .Sh ENVIRONMENT
 .Bl -tag -width Ds
-.It Ev "DISPLAY" and "SSH_ASKPASS"
+.It Ev "DISPLAY", "SSH_ASKPASS" and "SSH_ASKPASS_REQUIRE"
 If
 .Nm
 needs a passphrase, it will read the passphrase from the current
@@ -195,10 +195,26 @@ This is particularly useful when calling
 from a
 .Pa .xsession
 or related script.
-(Note that on some machines it
-may be necessary to redirect the input from
-.Pa /dev/null
-to make this work.)
+.Pp
+.Ev SSH_ASKPASS_REQUIRE
+allows further control over the use of an askpass program.
+If this variable is set to
+.Dq never
+then
+.Nm
+will never attempt to use one.
+If it is set to
+.Dq prefer ,
+then
+.Nm
+will prefer to use the askpass program instead of the TTY when requesting
+passwords.
+Finally, if the variable is set to
+.Dq force ,
+then the askpass program will be used for all passphrase input regardless
+of whether
+.Ev DISPLAY
+is set.
 .It Ev SSH_AUTH_SOCK
 Identifies the path of a
 .Ux Ns -domain