diff --git a/auth.h b/auth.h
index 7e83247135e99ffcb6ed108d584c9904e495efe8..c407ad559e7a0fba1272172ea8ace0dfc00ea04c 100644
--- a/auth.h
+++ b/auth.h
@@ -52,6 +52,7 @@ void cli_pubkeyfail();
 void cli_auth_password();
 int cli_auth_pubkey();
 void cli_auth_interactive();
+char* getpass_or_cancel();
 
 
 #define MAX_USERNAME_LEN 25 /* arbitrary for the moment */
diff --git a/cli-auth.c b/cli-auth.c
index 6a6d53aff6601462b29fd9bb2e20c499e55cd5cb..d08de9a33bbbd3e861a1735606cf54179fc37fa7 100644
--- a/cli-auth.c
+++ b/cli-auth.c
@@ -278,3 +278,18 @@ void cli_auth_try() {
 
 	TRACE(("leave cli_auth_try"))
 }
+
+/* A helper for getpass() that exits if the user cancels. The returned
+ * password is statically allocated by getpass() */
+char* getpass_or_cancel()
+{
+	char* password = NULL;
+
+	password = getpass("Password: ");
+
+	/* 0x03 is a ctrl-c character in the buffer. */
+	if (password == NULL || strchr(password, '\3') != NULL) {
+		dropbear_close("Interrupted.");
+	}
+	return password;
+}
diff --git a/cli-authinteract.c b/cli-authinteract.c
index ef65517d2a50e1a0b288f979426c3345e87e27b4..5a169cb2e90895a5c5dcb1af544abf9e4e75a90c 100644
--- a/cli-authinteract.c
+++ b/cli-authinteract.c
@@ -115,7 +115,7 @@ void recv_msg_userauth_info_request() {
 		echo = buf_getbool(ses.payload);
 
 		if (!echo) {
-			unsigned char* p = getpass(prompt);
+			unsigned char* p = getpass_or_cancel(prompt);
 			response = m_strdup(p);
 			m_burn(p, strlen(p));
 		} else {
diff --git a/cli-authpasswd.c b/cli-authpasswd.c
index ec290e0534e46a1458ccc5ba2aae848ca3423fc5..5dffac4b15928e108e657b560a07c1ba4694d17e 100644
--- a/cli-authpasswd.c
+++ b/cli-authpasswd.c
@@ -125,10 +125,7 @@ void cli_auth_password() {
 		password = gui_getpass("Password: ");
 	else
 #endif
-		password = getpass("Password: ");
-
-	if (password == NULL)
-		return 0;
+		password = getpass_or_cancel("Password: ");
 
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);