• About
  • Privacy Policy
  • Contact us
  • Submit a story
Linux-News Linux news from the Blogosphere
  • Article
  • Howto
  • News
  • Opinion
  • Review
  • RSS Feed
  • Twitter
  • Facebook

Don’t Script Your Password! Add Simple Prompts to Shell Scripts

By
News
– March 9, 2013Posted in: Article, Feed, Howto, Submitted

Article by Matt Butcher first published on his website

I hate typing long shell commands, so I often create for myself short shell scripts that perform common tasks for me. I can hard-code all those options and arguments. Sometimes, though, there are a few bits that I want to change on a run or I don’t want to hard code into a shell script.

Here’s an excellent example: I don’t want my password stored in a shell script. Ideally, what I want is to be prompted for my password.

There is a very simple shell built-in that you can use to do this: read. Here’s how it’s used.




Here’s how it works. Say I have a fictional command called my-login -u USERNAME -p PASSWORD. It takes two arguments: username and password. So I might build a shell script named do-my-login.sh like this:

    #!/bin/bash

    USER=matt
    PASS=supersecret

    my-login -u $USER -p $PASS

That will certainly work, but I don’t like having my password in the file. I’d rather be prompted for my password, but unfortunately my-login doesn’t provide this. So here’s a minor tweak to add an interactive prompt to our script:

    #!/bin/bash

    USER=matt

    read -p "Password for $USER: " PASS

    my-login -u $USER -p $PASS

The important change is on the fifth line, where we use read to prompt the user. Notice that the last argument (PASS) is the name of the variable into which the response will be stored. The -p option takes a string that it will use to prompt me:

    $ ./do-my-login.sh
    Password for matt: supersecret

But wait! I don’t want my password echoed back to the console like that! To suppress the output, I can use the -s prompt to silence the output:

    #!/bin/bash

    USER=matt

    read -s -p "Password for $USER: " PASS

    my-login -u $USER -p $PASS

Now when I respond to the “Password for matt” prompt, my password will not be echoed back to me.

I’m not guaranteeing that this is the most secure way to handle password prompts. (Between the prompt and the shell execution, the password is in cleartext.) But it performs exactly what I need for quick local shell scripts, and it’s certainly more secure than hard coding passwords into scripts.

Tags: bash, linux, security, shell commands, Shell script, Shell Scripts

About News

No Comments

Start the ball rolling by posting a comment on this article!

Leave a Reply Cancel reply

Your email address will not be published.

  • Suggested Sites
    http://linuxaria.com everything about Linux http://linuxaria.com everything about Linux
  • Curated topic
  • Recent Posts
    • Unleash the Power of PDF Security: A Guide to Content Preparation Progress Turn Off
    • Unlock the World of Coins with the World Coin Catalog Krause 47th Edition PDF
    • Master the Alphabet with Printable Traceable Worksheets [PDF Download]
    • Master PDF Merging with “I Love PDF Merge”: The Ultimate Guide
    • How to Insert a PDF into PowerPoint: A Guide to Seamless Integration
    • Ace Your CNA Exam: Free Practice Test with Answers PDF!
    • Unleash the Power of Complex Variables: A Comprehensive Guide to Brown and Churchill’s Masterpiece
    • Out of the Abyss PDF: Embark on an Epic Underdark Adventure
    • Uncover Hidden Corruption: The Ultimate Guide to “Dan Bongino Follow the Money PDF”
    • Catholic Daily Readings 2023 PDF: Your Guide to Spiritual Growth
  • Ranking

About Arras WordPress Theme

All site content, except where otherwise noted, is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.