How to provide password to a command that prompts for one in bash

Question

I m writing a UNIX shell function that is going to execute a command that will prompt the user for a password  I want to hard-code the password into the script and provide it to the command  I ve tried piping the password into the command like this     function         echo  password    command     This may not work for some commands as the command may flush the input buffer before prompting for the password   I ve also tried redirecting standard input to a file containing the password like this  but that doesn t work either   function         echo  password   gt  pass tmp     command  lt  pass tmp     rm pass tmp     I know that some commands allow for the password to be provided as an argument  but I d rather go through standard input   I m looking for a quick and dirty way of piping a password into a command in bash

User · Answer

Secure commands will not allow this  and rightly so  I m afraid - it s a security hole you could drive a truck through   If your command does not allow it using input redirection  or a command-line parameter  or a configuration file  then you re going to have to resort to serious trickery   Some applications will actually open up  dev tty to ensure you will have a hard time defeating security  You can get around them by temporarily taking over  dev tty  creating your own as a pipe  for example  but this requires serious privileges and even it can be defeated

User · Answer

Simply use    echo  password    sudo -S mount -t vfat  dev sda1  media usb   if      -eq 0    then     echo -e    ok   Usb key mounted  else     echo -e   warn  The USB key is not mounted  fi   This code is working for me  and its in  etc init d myscriptbash sh

User · Answer

How to use autoexpect to pipe a password into a command   These steps are illustrated with an Ubuntu 12 10 desktop   The exact commands for your distribution may be slightly different     This is dangerous because you risk exposing whatever password you use to anyone who can read the autoexpect script file   DO NOT expose your root password or power user passwords by piping them through expect like this   Root kits WILL find this in an instant and your box is owned   EXPECT spawns a process  reads text that comes in then sends text predefined in the script file    Make sure you have expect and autoexpect installed   sudo apt-get install expect sudo apt-get install expect-dev  Read up on it   man expect man autoexpect  Go to your home directory   cd  home el  User el cannot chown a file to root and must enter a password   touch testfile txt sudo chown root root testfile txt      enter password to authorize the changing of the owner   This is the password entry we want to automate   Restart the terminal to ensure that sudo asks us for the password again   Go to  home el again and do this   touch myfile txt  autoexpect -f my test expect exp sudo chown root root myfile txt       enter password which authorizes the chown to root   autoexpect done  file is my test expect exp  You have created my test expect exp file   Your super secret password is stored plaintext in this file   This should make you VERY uncomfortable   Mitigate some discomfort by restricting permissions and ownership as much as possible   sudo chown el my test expect exp       make el the owner  sudo chmod 700 my test expect exp      make file only readable by el   You see these sorts of commands at the bottom of my test expect exp   set timeout -1 spawn sudo chown root root myfile txt match max 100000 expect -exact    sudo   password for el    send --  YourPasswordStoredInPlaintext r  expect eof  You will need to verify that the above expect commands are appropriate   If the autoexpect script is being overly sensitive or not sensitive enough then it will hang   In this case it s acceptable because the expect is waiting for text that will always arrive    Run the expect script as user el   expect my test expect exp  spawn sudo chown root root myfile txt  sudo  password for el    The password contained in my test expect exp was piped into a chown to root by user el   To see if the password was accepted  look at myfile txt   ls -l -rw-r--r--  1 root root          0 Dec  2 14 48 myfile txt    It worked because it is root  and el never entered a password   If you expose your root  sudo  or power user password with this script  then acquiring root on your box will be easy   Such is the penalty for a security system that lets everybody in no questions asked

User · Answer

Programs that prompt for passwords usually set the tty into  raw  mode  and read input directly from the tty  If you spawn the subprocess in a pty you can make that work   That is what Expect does

User · Answer

You can use the -S flag to read from std input  Find below an example   function shutd       echo  mySuperSecurePassword    sudo -S shutdown -h now

User · Answer

with read  Here s an example that uses read to get the password and store it in the variable pass  Then  7z uses the password to create an encrypted archive   read -s -p  Enter password    pass  amp  amp  7z a archive zip a file -p  pass   unset pass   But be aware that the password can easily be sniffed

User · Answer

Take a look at autoexpect  decent tutorial HERE   It s about as quick-and-dirty as you can get without resorting to trickery

User · Answer

That s a really insecure idea  but  Using the passwd command from within a shell script

[bash] How to provide password to a command that prompts for one in bash?

Examples related to bash

Examples related to unix

Examples related to passwords