Comment by CGamesPlay
18 hours ago
But with OSC 52, any system I ssh into can scrape those passwords. Bigger attack surface, to be sure. And unfortunately there’s no particularly good way of telling if the received escape code originated from the local machine.
only passwords that you type after logging in. but if you can't trust the remote system then i don't think OSC 52 is the only way to do that.