At work, I have a couple of shell scripts to perform LDAP queries. Initially the scripts were hard-coded with the login credentials of a read-only user. But as the scripts were enhanced to handle LDAP query updates, I realised that it was not a good idea anymore to hard-code the username and password as I was just inviting trouble. And the scripts will be a big NO during system audit.
To overcome this problem, I decided to let the scripts request for user credentials whenever someone tried to run the scripts. But there’s one problem. The password field is visible when entered by the user.
|
1 2 3 4 5 |
$ ./script.sh Enter Username: hello Enter Password: world Entered Username/Password - hello/world |
To overcome the password field visibility problem, I specified the “-s” option to the read command. The option is available in the bash shell. The sample code below will not echo the password field when entered by the user.
|
1 2 3 4 5 6 7 |
#!/bin/bash read -p "Enter Username: " username read -s -p "Enter Password: " userpass echo "" echo "Username/Password - $username/$userpass" |
Below is the output of the sample script.
|
1 2 3 4 |
$ ./script.sh Enter Username: hello Enter Password: Username/Password - hello/world |
If read command does not support the “-s” option (this probably means that you are not using the bash shell), then the script will need to be modified.
|
1 2 3 4 5 6 7 8 9 |
#!/bin/sh read -p "Enter Username: " username stty -echo read -p "Enter Password: " userpass stty echo echo "" echo "Username/Password - $username/$userpass" |
Mohamed Ibrahim
ibrahim = { interested_in(unix, linux, android, open_source, reverse_engineering); coding(c, shell, php, python, java, javascript, nodejs, react); plays_on(xbox, ps4); linux_desktop_user(true); }
