• About
  • Privacy Policy
  • Contact us
  • Submit a story
Linux-News Linux news from the Blogosphere
  • Article
  • Howto
  • News
  • Opinion
  • Review
  • RSS Feed
  • Twitter
  • Facebook

Don’t Script Your Password! Add Simple Prompts to Shell Scripts

By
News
– March 9, 2013Posted in: Article, Feed, Howto, Submitted

Article by Matt Butcher first published on his website

I hate typing long shell commands, so I often create for myself short shell scripts that perform common tasks for me. I can hard-code all those options and arguments. Sometimes, though, there are a few bits that I want to change on a run or I don’t want to hard code into a shell script.

Here’s an excellent example: I don’t want my password stored in a shell script. Ideally, what I want is to be prompted for my password.

There is a very simple shell built-in that you can use to do this: read. Here’s how it’s used.




Here’s how it works. Say I have a fictional command called my-login -u USERNAME -p PASSWORD. It takes two arguments: username and password. So I might build a shell script named do-my-login.sh like this:

    #!/bin/bash

    USER=matt
    PASS=supersecret

    my-login -u $USER -p $PASS

That will certainly work, but I don’t like having my password in the file. I’d rather be prompted for my password, but unfortunately my-login doesn’t provide this. So here’s a minor tweak to add an interactive prompt to our script:

    #!/bin/bash

    USER=matt

    read -p "Password for $USER: " PASS

    my-login -u $USER -p $PASS

The important change is on the fifth line, where we use read to prompt the user. Notice that the last argument (PASS) is the name of the variable into which the response will be stored. The -p option takes a string that it will use to prompt me:

    $ ./do-my-login.sh
    Password for matt: supersecret

But wait! I don’t want my password echoed back to the console like that! To suppress the output, I can use the -s prompt to silence the output:

    #!/bin/bash

    USER=matt

    read -s -p "Password for $USER: " PASS

    my-login -u $USER -p $PASS

Now when I respond to the “Password for matt” prompt, my password will not be echoed back to me.

I’m not guaranteeing that this is the most secure way to handle password prompts. (Between the prompt and the shell execution, the password is in cleartext.) But it performs exactly what I need for quick local shell scripts, and it’s certainly more secure than hard coding passwords into scripts.

Tags: bash, linux, security, shell commands, Shell script, Shell Scripts

About News

No Comments

Start the ball rolling by posting a comment on this article!

Leave a Reply Cancel reply

Your email address will not be published.

  • Suggested Sites
    http://linuxaria.com everything about Linux http://linuxaria.com everything about Linux
  • Curated topic
  • Recent Posts
    • Unlock a Customizable Dining Experience: The Which Wich Menu PDF Guide
    • Illinois Driving Test: Ace It with Our Comprehensive PDF Guide!
    • Discover “It Happened One Summer” PDF: A Captivating Summer Read
    • Magic Mouthwash Recipe PDF: Your Ultimate Guide to Oral Comfort
    • Master Legal Terminology with Black’s Law Dictionary PDF: Your Ultimate Guide
    • Dive into “A Worn Path” PDF: Explore a Timeless Classic
    • Ace the NYS Notary Exam: Your 2023 Study Guide PDF
    • Master the Road: Download the Essential California Driver Handbook 2023 PDF
    • How to Pray the Prayer of St. Francis | PDF Guide and Meaning
    • Your Guide to the 21-Day Daniel Fast Meal Plan PDF
  • Ranking

About Arras WordPress Theme

All site content, except where otherwise noted, is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.