From 795504806c2498feccbb9b3fafe76078091de6fd Mon Sep 17 00:00:00 2001
From: Stefan Bodewig <bodewig@apache.org>
Date: Wed, 16 Jul 2008 09:57:21 +0000
Subject: [PATCH] Use the same warning in all three documents about ssh
 authentication.  PR 43941.

git-svn-id: https://svn.apache.org/repos/asf/ant/core/trunk@677222 13f79535-47bb-0310-9956-ffa450edef68
---
 docs/manual/OptionalTasks/sshexec.html | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/docs/manual/OptionalTasks/sshexec.html b/docs/manual/OptionalTasks/sshexec.html
index ce214ab84..c8aa6ff42 100644
--- a/docs/manual/OptionalTasks/sshexec.html
+++ b/docs/manual/OptionalTasks/sshexec.html
@@ -205,13 +205,16 @@ substitution and include the password on the command line.  For example:<br>
 	password=&quot;${password}&quot;
 	command=&quot;touch somefile&quot;/&gt;
 </pre>
-Invoke ant with the following command line:
+Invoking ant with the following command line:
 <pre>
     ant -Dusername=me -Dpassword=mypassword target1 target2
 </pre>
-which trades hard coded passwords for the possibility that any other
-user tracing processes on the machine running Ant (or reading your
-command shell's history) may now read the password.
+
+Is slightly better, but the username/password is exposed to all users
+on an Unix system (via the ps command). The best approach is to use
+the
+<code>&lt;input&gt;</code> task and/or retrieve the password from a (secured)
+.properties file.
 </p>
 </body>
 </html>