Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Bash scripting mask password from ps
Top Forums Shell Programming and Scripting Bash scripting mask password from ps Post 303023622 by aixkidbee on Thursday 20th of September 2018 05:28:25 AM
Old 09-20-2018
Bash scripting mask password from ps
Hi All,


I have a script, which prompts me for my password input, then it passes that password onto an argument for another script which is then passed onto an expect script which automates my logins to a bunch of servers to execute my commands.

example.

script A - request for password, pass password variable to expect script command
expect command - ./expect $password ssh@server “command”
expect script - obtain password from $argv 0 and execute.


I've seen a few posts about this request and can't find anything that works. Is anyone able to guide me in the right direction? I have tried using file descriptor and no luck.

Also, no ssh keys is not an option and hard coding passwords in files.

Thanks
Last edited by aixkidbee; 09-20-2018 at 12:15 PM..
 

10 More Discussions You Might Find Interesting

1. Programming

password mask in C

Hi, Could any one help me to write a C program for password mask with ******. I mean whatever word i will type that will show on the screen as ***** and should store the correct value in a variable. Thanks in advance Krishna (5 Replies)
Discussion started by: krishna
5 Replies

2. Shell Programming and Scripting

scripting password prompts

Hi there Probably a really simple question but I am writing an install script and at certain stages of the install (ie creating a table in mysql) the system prompts for you to enter a password, I was wondering, how do I script this input so that the install doesnt keep stopping for manual... (3 Replies)
Discussion started by: hcclnoodles
3 Replies

3. Shell Programming and Scripting

scp scripting without asking password

I like to copy a file from one server server1 from path path1 to another server server2 to path path2. User logging in both the servers are same say user1 I tried to use ssh to generate public/private key pairs and then copy without prompting for password. These are the steps i followed ... (5 Replies)
Discussion started by: jwala
5 Replies

4. Shell Programming and Scripting

Scripting password changes.

Hello, I am looking for a way to login to multiple machines and do things such as create users, reset root passwords etc non interactively. The problem with the passwords is that all machines use ssh, dont allow root login, require to login as a normal user, su to root then change the root... (1 Reply)
Discussion started by: Actuator
1 Replies

5. Shell Programming and Scripting

Scripting help/advise on hiding/masking username/password

Hi, I currently have a UNIX script with a function that uses a username and password to connect to the database, retrieve some information and then exit. At the moment, am getting the username and password from a hidden plain text file and permission set to -r--------, i.e. read only to who... (1 Reply)
Discussion started by: newbie_01
1 Replies

6. UNIX for Dummies Questions & Answers

how to mask the password ?

Hi All, i am executing peoplesoft sqr command from unix prompt which has the unix id/password as parameter along with other parameters. i want to show whole command in log file but want to mask the id/password field. this command i am executing in shell script. Please suggest.. >sqr sqrname... (2 Replies)
Discussion started by: avi.coep
2 Replies

7. Shell Programming and Scripting

Scripting password prompt for restarting Jboss application

Hi When I do on console a stop, the script prompts for password > stop_idm_suite.sh Suite system password:Here experct of the shell script stop_idm_suite.sh DoIt() { # prompt System password echo "" ${BMC_JAVA_HOME}/java -Didm.suite.home=${BMC_IDM_SUITE_HOME} -classpath... (1 Reply)
Discussion started by: slashdotweenie
1 Replies

8. Red Hat

Samba create mask and dir mask on RHEL 4.8

Hi Experts, I'm using samba -3.6.1 on Red Hat Enterprise Linux ES release 4 (Nahant Update 8) ,all seems ok. The issue im facing is as follows. When ever a user creates a file via windows explorer the permissions assgined to the file are as follows -rw-rwxr--+ 1 tom group2 0 Mar 9... (1 Reply)
Discussion started by: maverick_here
1 Replies

9. UNIX for Dummies Questions & Answers

What is mask and effective right mask in setfacl?

Hi Guys, can someone explain what is mask and effective right mask in setfacl and getfacl command with example, unable to get it. (3 Replies)
Discussion started by: Jcpratap
3 Replies

10. Shell Programming and Scripting

Make a password protected bash script resist/refuse “bash -x” when the password is given

I want to give my long scripts to customer. The customer must not be able to read the scripts even if he has the password. The following command locks and unlocks the script but the set +x is simply ignored. The code: read -p 'Script: ' S && C=$S.crypt H='eval "$((dd if=$0 bs=1 skip=//|gpg... (7 Replies)
Discussion started by: frad
7 Replies

LEARN ABOUT DEBIAN

clogin

clogin(1)						      General Commands Manual							 clogin(1)

NAME

       clogin - Cisco login script

SYNOPSIS

       clogin  [-autoenable]  [-noenable]  [-dSV]  [-c	 command]  [-E	 var=x] [-e  enable-password] [-f  cloginrc-file] [-p  user-password] [-s
       script-file] [-t  timeout] [-u  username]  [-v	vty-password]  [-w   enable-username]  [-x   command-file]  [-y   ssh_cypher_type]  router
       [router...]

DESCRIPTION

       clogin  is  an  expect(1)  script  to  automate the process of logging into a Cisco router, catalyst switch, Extreme switch, Juniper ERX/E-
       series, Procket Networks, or Redback router.  There are complementary scripts for Alteon, Avocent (Cyclades), Bay Networks  (nortel),  ADC-
       kentrox	EZ-T3  mux, Foundry, HP Procurve switches and Cisco AGMs, Hitachi routers, Juniper Networks, MRV optical switch, Mikrotik routers,
       Netscreen firewalls, Netscaler, Riverstone, Netopia, and Lucent TNT, named alogin,  avologin,  blogin,  elogin,	flogin,  fnlogin,  hlogin,
       htlogin, jlogin, mrvlogin, mtlogin, nlogin, nslogin, rivlogin, tlogin, and tntlogin, respectively.

       clogin reads the .cloginrc file for its configuration, then connects and logs into each of the routers specified on the command line in the
       order listed.  Command-line options exist to override some of the directives found in the .cloginrc configuration file.

       The command-line options are as follows:

       -S     Save the configuration on exit, if the device prompts at logout time.  This only has affect when used with -s.

       -V     Prints package name and version strings.

       -c     Command to be run on each router list on the command-line.  Multiple commands maybe listed by separating them with semi-colons  (;).
	      The argument should be quoted to avoid shell expansion.

       -d     Enable expect debugging.

       -E     Specifies a variable to pass through to scripts (-s).  For example, the command-line option -Efoo=bar will produce a global variable
	      by the name Efoo with the initial value "bar".

       -e     Specify a password to be supplied when gaining enable privileges on the router(s).  Also see the password directive of the .cloginrc
	      file.

       -f     Specifies an alternate configuration file.  The default is $HOME/.cloginrc.

       -p     Specifies a password associated with the user specified by the -u option, user directive of the .cloginrc file, or the Unix username
	      of the user.

       -s     The filename of an expect(1) script which will be sourced after the login is successful and is expected to return control to clogin,
	      with the connection to the router intact, when it is done.  Note that clogin disables log_user of expect(1)when -s is used.  Example
	      script(s) can be found in share/rancid/*.exp.

       -t     Alters the timeout interval; the period that clogin waits for an individual command to return a  prompt  or  the	login  process	to
	      produce a prompt or failure.  The argument is in seconds.

       -u     Specifies the username used when prompted.  The command-line option overrides any user directive found in .cloginrc.  The default is
	      the current Unix username.

       -v     Specifies a vty password, that which is prompted for upon connection to  the  router.   This  overrides  the  vty  password  of  the
	      .cloginrc file's password directive.

       -w     Specifies  the  username	used  if  prompted  when gaining enable privileges.  The command-line option overrides any user or enauser
	      directives found in .cloginrc.  The default is the current Unix username.

       -x     Similar to the -c option; -x specifies a file with commands to run on each of the routers.  The commands must not expect	additional
	      input, such as 'copy rcp startup-config' does.  For example:

		 show version
		 show logging

       -y     Specifies  the encryption algorithm for use with the ssh(1) -c option.  The default encryption type is often not supported.  See the
	      ssh(1) man page for details.  The default is 3des.

RETURNS

       If the login script fails for any of the devices on the command-line, the exit value of the script will be non-zero and the value  will	be
       the number of failures.

ENVIRONMENT

       clogin recognizes the following environment variables.

       CISCO_USER
	      Overrides the user directive found in the .cloginrc file, but may be overridden by the -u option.

       CLOGIN clogin will not change the banner on your xterm window if this includes the character 'x'.

       CLOGINRC
	      Specifies an alternative location for the .cloginrc file, like the -f option.

       HOME   Normally set by login(1) to the user's home directory, HOME is used by clogin to locate the .cloginrc configuration file.

FILES

       $HOME/.cloginrc	 Configuration file.

SEE ALSO

       cloginrc(5), expect(1)

CAVEATS

       clogin  expects	CatOS  devices to have a prompt which includes a '>', such as "router> (enable)".  It uses this to determine, for example,
       whether the command to disable the pager is "set length 0" or "term length 0".

       The HP Procurve switches that are Foundry OEMs use flogin, not hlogin.

       The Extreme is supported by clogin, but it has no concept of an "enabled" privilege level.  You must set autoenable for	these  devices	in
       your .cloginrc.

       The -S option is a recent addition, it may not be supported in all of the login scripts or for every target device.

BUGS

       Do  not	use  greater  than (>) or pound sign (#) in device banners.  These are the normal terminating characters of device prompts and the
       login scripts need to locate the initial prompt.  Afterward, the full prompt is collected and makes  a  more  precise  match  so  that  the
       scripts know when the device is ready for the next command.

       All these login scripts for separate devices should be rolled into one.	This goal is exceedingly difficult.

       The HP Procurve switch, Motorola BSR, and Cisco AGM CLIs rely heavily upon terminal escape codes for cursor/screen manipulation and assumes
       a vt100 terminal type.  They do not provide a way to set a different terminal type or adjust this behavior.   The  resulting  escape  codes
       make  automating interaction with these devices very difficult or impossible.  Thus bin/hpuifilter, which must be found in the user's PATH,
       is used by hlogin to filter these escape sequences.  While this works for rancid's collection,  there  are  side  effects  for  interactive
       logins via hlogin; most of which are formatting annoyances that may be remedied by typing CTRL-R to reprint the current line.

       WARNING:  repeated  ssh	login  failures  to HP Procurves cause the switch's management interface to lock-up (this includes snmp, ping) and
       sometimes it will crash.  This is with the latest firmware; 5.33 at the time of this writing.

								   26 April 2011							 clogin(1)
All times are GMT -4. The time now is 12:44 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy