diff -aur openssh-3.8p1/readconf.c mod/readconf.c
--- openssh-3.8p1/readconf.c	2004-03-08 09:23:40.000000000 -0600
+++ mod/readconf.c	2004-03-08 09:15:04.000000000 -0600
@@ -106,7 +106,7 @@
 	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
 	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
 	oServerAliveInterval, oServerAliveCountMax,
-	oProtocolKeepAlives, oSetupTimeOut,
+	oProtocolKeepAlives, oSetupTimeOut, oPassword,
 	oDeprecated, oUnsupported
 } OpCodes;
 
@@ -194,6 +194,7 @@
 	{ "serveraliveinterval", oServerAliveInterval },
 	{ "serveralivecountmax", oServerAliveCountMax },
 	{ "protocolkeepalives", oProtocolKeepAlives },
+	{ "password", oPassword },
 	{ "setuptimeout", oSetupTimeOut },
 	{ NULL, oBadOption }
 };
@@ -748,6 +749,15 @@
 		intptr = &options->server_alive_count_max;
 		goto parse_int;
 
+	case oPassword:
+		charptr = &options->password;
+		arg = strdelim(&s);
+		if (!arg || !*arg)
+			fatal("%.200s line %d: Missing argument.", filename, linenum);
+		if (*activep && !*charptr)
+			*charptr = xstrdup(arg);
+		break;
+
 	case oSetupTimeOut:
 	        intptr = &options->setuptimeout;
 		goto parse_int;
@@ -882,6 +892,7 @@
 	options->verify_host_key_dns = -1;
 	options->server_alive_interval = -1;
 	options->server_alive_count_max = -1;
+	options->password = NULL;
 }
 
 /*
diff -aur openssh-3.8p1/readconf.h mod/readconf.h
--- openssh-3.8p1/readconf.h	2004-03-08 09:23:40.000000000 -0600
+++ mod/readconf.h	2004-03-08 09:16:06.000000000 -0600
@@ -103,6 +103,7 @@
 	int	no_host_authentication_for_localhost;
 	int	server_alive_interval; 
 	int	server_alive_count_max;
+	char *password; /* password specified in config file */
 }       Options;
 
 
diff -aur openssh-3.8p1/sshconnect1.c mod/sshconnect1.c
--- openssh-3.8p1/sshconnect1.c	2003-09-02 07:51:17.000000000 -0500
+++ mod/sshconnect1.c	2004-03-08 09:19:51.000000000 -0600
@@ -406,10 +406,17 @@
 		if (options.cipher == SSH_CIPHER_NONE)
 			logit("WARNING: Encryption is disabled! "
 			    "Response will be transmitted in clear text.");
-		response = read_passphrase(prompt, 0);
-		if (strcmp(response, "") == 0) {
-			xfree(response);
-			break;
+		if (i == 0 && options.password != NULL)
+		{
+			response = xstrdup(options.password);
+		}
+		else
+		{
+			response = read_passphrase(prompt, 0);
+			if (strcmp(response, "") == 0) {
+				xfree(response);
+				break;
+			}
 		}
 		packet_start(SSH_CMSG_AUTH_TIS_RESPONSE);
 		ssh_put_password(response);
diff -aur openssh-3.8p1/sshconnect2.c mod/sshconnect2.c
--- openssh-3.8p1/sshconnect2.c	2004-01-20 18:02:50.000000000 -0600
+++ mod/sshconnect2.c	2004-03-08 09:23:05.000000000 -0600
@@ -727,12 +727,15 @@
 	if (attempt++ >= options.number_of_password_prompts)
 		return 0;
 
-	if (attempt != 1)
-		error("Permission denied, please try again.");
-
-	snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
-	    authctxt->server_user, authctxt->host);
-	password = read_passphrase(prompt, 0);
+	if (attempt == 1 && options.password != NULL)
+		password = xstrdup(options.password);
+	else {
+		if (attempt != 1)
+			error("Permission denied, please try again.");
+		snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
+	    	authctxt->server_user, authctxt->host);
+		password = read_passphrase(prompt, 0);
+	}
 	packet_start(SSH2_MSG_USERAUTH_REQUEST);
 	packet_put_cstring(authctxt->server_user);
 	packet_put_cstring(authctxt->service);