Hiding Password Input When Running a Remote Script

I have a simple local script, which logs into a remote server (my WordPress.com sandbox) via ssh to run a script there. After finishing, it runs another local command (unison) to pull down all of the files. The remote script is also very simple, calling svn update on several repos. If I ssh directly into the server and run the svn script, typing in passwords correctly shows up as a series of asterisks (****). Executing the same script remotely was showing the actual characters in my local terminal. Not ideal for security.

A Stack Overflow comment gave me what I needed. Wrap the ssh command with some stty commands.

stty_orig=`stty -g`
stty -echo

ssh USER@HOST './script.sh;'

stty $stty_orig

This turns off the output of the password entry completely. I never type in the password since it’s a copy/paste from 1Password, so not having the asterisks is no big deal.

%d bloggers like this: