Bug 3258 - Feature request: Ability to configure password authentication to be automatically read from file
Status: NEW
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh
Version: 8.4p1
Hardware: amd64 Linux
Importance: P5 enhancement
Assignee: Assigned to nobody
Reported: 2021-02-02 17:26 AEDT by chrislambert@cmu.edu
Modified: 2021-02-02 17:26 AEDT

Attachments
My local patch (based on the Fedora 33 repo) (4.49 KB, patch)
2021-02-02 17:26 AEDT, chrislambert@cmu.edu

Description chrislambert@cmu.edu 2021-02-02 17:26:40 AEDT
Created attachment 3468
My local patch (based on the Fedora 33 repo)

Right now, the only way to connect to hosts that require password authentication is to enter in the password manually, or rely on a hack using expect or sshpass.  The former is annoying, and the other options are not configurable to specific hosts and become a burden to set up with software that depends on ssh.  I propose adding an option "PasswordFile" to the config that allows users to choose a file to use the first line of as the password during auth instead of prompting the user---similar to IdentityFile but for password auth.

My university systems (and from what I can tell some other universities) disallow public-key authentication (due to technical constraints with a custom FS from what I've been told), so I'm sure there are a fair number of people who have been using workarounds to automate this.  I've somewhat recently made a small patch to my system's OpenSSH to have this feature, and it is substantially more convenient and less frustrating to work with than sshpass or expect.  I cleaned up the patch I used and attached it for reference, but it lacks documentation/tests and I doubt it meets the general code standards for OpenSSH (if this is something that would be good to add, I'd be fine fixing that though).

As for the security of this, I personally can't think of a reason why this would be too much worse than having non-passphrased private keys/IdentityFiles on the filesystem, and a fair number of users who might use this feature are probably already doing something similar just with a workaround.  Then again, I would see why this might be outside of what OpenSSH wants to encourage.
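
An added illustration, not the attached patch (which is not reproduced on this page) and not OpenSSH code: the file-reading side of a PasswordFile-style option, with an ownership and permission check modelled on the one ssh makes for private key files before the first line is used. The function name `read_password_file` and its signature are assumptions.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (name and signature are assumptions): copy the first
 * line of path into buf, newline stripped. Returns 0, or -1 with errno set. */
int read_password_file(const char *path, char *buf, size_t buflen)
{
    struct stat st;
    ssize_t n = -1;
    int fd, saved;

    if (buflen < 2) { errno = EINVAL; return -1; }
    if ((fd = open(path, O_RDONLY)) == -1)
        return -1;
    /* Check the descriptor that will be read, not the path, so the file
     * cannot be swapped between the check and the read. */
    if (fstat(fd, &st) == -1)
        goto out;
    /* ssh rejects a user's private key file when group/other bits are set;
     * this is stricter: regular file, owned by the caller, mode & 077 == 0. */
    if (!S_ISREG(st.st_mode) || st.st_uid != getuid() ||
        (st.st_mode & 077) != 0) {
        errno = EPERM;
        goto out;
    }
    n = read(fd, buf, buflen - 1);
out:
    saved = errno;
    close(fd);
    errno = saved;
    if (n < 0)
        return -1;
    buf[n] = '\0';
    /* A full buffer with no line ending means the line may be truncated. */
    if ((size_t)n == buflen - 1 && strpbrk(buf, "\r\n") == NULL) {
        memset(buf, 0, buflen);
        errno = EINVAL;
        return -1;
    }
    buf[strcspn(buf, "\r\n")] = '\0';
    if (buf[0] == '\0') { errno = EINVAL; return -1; }   /* empty first line */
    return 0;
}
```

A caller would treat any -1 as "fall back to prompting" and should clear the buffer once authentication finishes.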