I have a simple local script, which logs into a remote server (my WordPress.com sandbox) via ssh to run a script there. After finishing, it runs another local command (
unison) to pull down all of the files. The remote script is also very simple, calling
svn update on several repos. If I ssh directly into the server and run the svn script, typing in passwords correctly shows up as a series of asterisks (****). Executing the same script remotely was showing the actual characters in my local terminal. Not ideal for security.
A Stack Overflow comment gave me what I needed. Wrap the
ssh command with some
stty_orig=`stty -g` stty -echo ssh USER@HOST './script.sh;' stty $stty_orig
This turns off the output of the password entry completely. I never type in the password since it’s a copy/paste from 1Password, so not having the asterisks is no big deal.