
feat: Support for sudo and password-requiring commands in Bash tool #9808

@bernatfp


Problem

The Bash tool currently runs with stdio: ["ignore", "pipe", "pipe"], meaning stdin is disconnected. This breaks any command requiring interactive password input:

  • sudo apt install ...
  • ansible-playbook -K ... (ask-become-pass)
  • ssh -t user@host "sudo ..."
  • GPG passphrase prompts

Users working with system administration, deployment automation, or remote servers cannot use these common workflows through OpenCode.

Proposed Approach

Use PTY-based execution for commands that may require interactive input:

  1. Auto-detect interactive commands - Pattern match for sudo, ssh -t, ansible -K, etc.
  2. PTY execution - Spawn an ephemeral PTY for interactive commands
  3. Prompt detection - Detect password prompts via patterns ([sudo] password for, Password:, BECOME password:, etc.)
  4. SecureInput system - Event-based system that requests password from user when prompt detected
  5. Direct PTY write - Password goes directly to PTY, never stored or logged
  6. Output sanitization - Replace password prompts with [Password prompt - user input required] before sending to LLM

Security considerations

  • Password never logged or stored in memory beyond immediate use
  • Password never appears in conversation history or LLM context
  • UI uses type="password" input
  • 60s timeout, max 3 retry attempts

Why it belongs in OpenCode

This is a common pain point for DevOps/sysadmin workflows. The PTY infrastructure already exists for the terminal feature, so this leverages existing code. It's also how Claude Code handles similar scenarios.

Happy to share implementation details if there's interest.
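
Steps 3 and 6 of the proposed approach (prompt detection and output sanitization), as an added example that is not part of the original issue or OpenCode's code: a filter that buffers PTY chunks so a prompt split across two reads is still caught, then swaps it for the placeholder. The `PromptFilter` class, the `FeedResult` shape and the reading of the retry limit as three password requests are assumptions.

```typescript
// Prompt strings are the ones listed in the issue; matching them at the end of
// the unterminated last line is an assumption of this sketch.
const PROMPT_PATTERNS: RegExp[] = [
  /\[sudo\] password for [^:\n]*:\s*$/,
  /BECOME password:\s*$/,
  /Password:\s*$/,
];
const PLACEHOLDER = "[Password prompt - user input required]";
const MAX_ATTEMPTS = 3; // reading "max 3 retry attempts" as three password requests

interface FeedResult {
  output: string;         // text that may be forwarded to the model
  needsPassword: boolean; // caller should ask the user and write to the PTY
  aborted: boolean;       // attempt limit exceeded, caller should kill the command
}

// Hypothetical helper: sits between the PTY data callback and the tool result.
class PromptFilter {
  private tail = "";   // a prompt has no trailing newline, so hold back the open line
  private attempts = 0;

  feed(chunk: string): FeedResult {
    const data = this.tail + chunk;
    const cut = data.lastIndexOf("\n") + 1;
    const complete = data.slice(0, cut);
    this.tail = data.slice(cut);
    if (!PROMPT_PATTERNS.some((p) => p.test(this.tail))) {
      return { output: complete, needsPassword: false, aborted: false };
    }
    // Drop the prompt text itself (it can carry a username) and emit the placeholder.
    this.tail = "";
    this.attempts += 1;
    const aborted = this.attempts > MAX_ATTEMPTS;
    return { output: complete + PLACEHOLDER + "\n", needsPassword: !aborted, aborted };
  }

  // Call when the process exits to release any held-back partial line.
  flush(): string {
    const rest = this.tail;
    this.tail = "";
    return rest;
  }
}
```

The patterns match on text alone, so the password dialog should show the exact command that triggered it.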
