--- /var/local/rt/gateways/ssh-orig	2013-09-19 18:09:41.000000000 +0200
+++ /var/local/rt/gateways/ssh	2013-09-19 22:13:57.000000000 +0200
@@ -10,9 +10,11 @@
 # fetch command-line parameters
 my $op_help;
 my $op_as_user;
+my $op_ssh_pw;
 GetOptions (
     'h' => \$op_help,
     'sudo-user:s' => \$op_as_user,
+    'sp:s' => \$op_ssh_pw,
 );
 if ($op_help) {
     &display_help;
@@ -20,7 +22,20 @@
 }
 
 &become_user;
-exec ('ssh', @ARGV) or die "exec ssh: $!";
+
+# fake password entry - needs sshpass package!
+my $cmd = 'ssh';
+if( defined( $op_ssh_pw ) ) {
+    # we use the really bad method instead of the outrageously bad one
+    # this way it requires root to peek /proc/<pid> instead of a simple 'ps'
+    $ENV{'SSHPASS'} = $op_ssh_pw;
+    $cmd = 'sshpass';
+    unshift @ARGV, '-e', 'ssh';
+    # batch mode would kindly disable pw authentication altogether
+    @ARGV = grep { !/-oBatchMode=yes/ } @ARGV;
+}
+
+exec ($cmd, @ARGV) or die "exec $cmd: $!";
 
 sub display_help {
     print <<END;