Hiding Password Input When Running a Remote Script

I have a simple local script, which logs into a remote server (my WordPress.com sandbox) via ssh to run a script there. After finishing, it runs another local command (unison) to pull down all of the files. The remote script is also very simple, calling svn update on several repos. If I ssh directly into the server and run the svn script, typing in passwords correctly shows up as a series of asterisks (****). Executing the same script remotely was showing the actual characters in my local terminal. Not ideal for security.

A Stack Overflow comment gave me what I needed. Wrap the ssh command with some stty commands.

stty_orig=`stty -g`
stty -echo

ssh USER@HOST './script.sh;'

stty $stty_orig

This turns off the output of the password entry completely. I never type in the password since it’s a copy/paste from 1Password, so not having the asterisks is no big deal.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s