But maybe it's possible to implement something better?
Background: On my targetserver I can only log in with my personal account. There I am only allowed to do a "sudo su - TARGETUSER". This is then prompting me for the password.
The workaround I'm using is a script which is called by sudo as "SUDO_ASKPASS". That script is connecting to a fifo where, on the other end, I have an open terminal session where I enter my password. This seems to work quite good, besides the small security risk that someone could read from my fifo while I'm thinking I'm communicating with my winscp-invoked script.
What I'm thinking about is: Would it be possible to have a script on my targetserver which can communicate back with WinSCP, sending WinSCP the request to ask the user for a password? It would then get the password from WinSCP and would give it back to sudo via stdout.