I wrote a shell script to automate mysqldump.
I don't want my password to be entered in the script file. Can anyone suggest me an alternative way to do this?
If you are running the script interactively, then you can use read to read the password into an environmental variable, and then echo that password to mysqldump.
read -s -p 'password: ' password
echo "$password" | mysqldump ...
The password will be stored in plain text in memory but not elsewhere.
Alternatively as per the documentation you can use an option file to avoid giving the password on the command line. The file would contain something similar to the below:
[client]
# The following password will be sent to all standard MySQL clients
password="my_password"
Related
I am trying to do a remote desktop connection between Ubuntu desktop and another Ubuntu system. I want to develop an application so it is necessary to use shell command.
ssh -X or -Y username#server_ip
I know this command is for trusted and untrusted connection between two systems but here username is necessary for connection so it is necessary to ask username and password to each user for connection. so I have created a bash file for getting input from the user. its name myscript.sh
#!/bin/bash
read -p 'Username: ' uservar
read -sp 'Password: ' passvar
sleep 10
and I want to use this variable value in another file. I wrote below code and file name terminal.sh.
#!/bin/bash<br>
xterm -e /file_path/myscript.sh
sshpass -p $passvar ssh -X $uservar#$remote_ip /usr/bin/xfce4-session
but this code is not working. I want myscript.sh user input value in terminal.sh file. one person suggests me to use signify. how to use signify here? Can anyone suggest a solution? thanks in advance.
Normally, you should set-up public/private key authentication with ssh. Anything else is a hack to get the same result.
In this case, you have to store the credentials (uid/pw) somewhere to be able to use them in your second script. That could be:
#!/bin/bash
read -p 'Username: ' uservar
read -sp 'Password: ' passvar
and call as . myscript.sh, or store them somewhere in a file for use (which is security-wise a little issue).
If you really cannot set-up your p/p-keys, you should probably put (as Inian suggests) put the prompting in the same script..
I have an interactive bash script which first asks for user name and THEN ask for password and then confirm password again. (It creates users in our ERP system NOT in Ubuntu)
I have an CSV of 1000+ users and randomly generated passwords so I have to create all these users. I want to write a script which picks users from the CSV and then when asked for password it passes passwords from the CSV to create users. Following is what I have done but it didn't work as intended:
while IFS=,
read -a csv_line; do
createusr ${csv_line[0]}:${csv_line[1]}:${csv_line[1]};done < Desktop/Passwoerter.csv
It gives error that password do not match!
The actual script for individual user work like:
~$ createuser xyz <press Enter>
password for xyz: whatever <press enter>
confirm password for xyz whatever <enter again>
~$
Its NOT:
~$ createuser xyz whatever whatever <press enter>
~$
It works fine if I add one by one but there are 1000+ so I was trying using a small script over CSV.
First Option: Use newusers: Its a part of passwd package.
DESCRIPTION
The newusers command reads a file (or the standard input by default)
and uses this information to update a set of existing users or to
create new users. Each line is in the same format as the standard
password file.
Input file formatting:
username:passwd:UID:GID:full name,room number,work phone,home phone,other:directory:shell
As you can see, the password is provided in the file.
Downside, You need to convert your csv to txt with provided format.
newusers < file.txt
Second Option: you can use useradd with -p switch.
useradd -m -p $(mkpasswd "password") username
-m Create the user's home directory if it does not exist.
-p The encrypted password, as returned by crypt(3).
I find out what I needed, my script looks like:
while IFS=# read -a csv_line
do
printf "%s\n%s\n" ${csv_line[1]} ${csv_line[1]} | createuser ${csv_line[0]}
done
and executed like:
./insertalluser < Desktop/Passwoerter.csv
I am building a bash script for my work to make initial setup and windows-domain join for our Ubuntu machines easy enough for someone who knows nothing about Linux can do it. I have found a lot of people that say that you shouldn't pass passwords through a script but to be efficient, I have to. The script prompts for info and credentials in the beginning and it needs to be able to be left to do it's job without interaction. I can't have it visible through ps when I pass it and I can't have it stored as an unsecured variable. Any suggestions?
If you really must do this, you can read the credentials into variables with read -s early in the script and then pass those values to the prompts. For example:
read -p "Enter your username: " username
read -sp "Enter your password: " password
echo
I included the blank echo because the -s option for read prevents the user's typing from appearing in the terminal, including the new line usually created after a user presses Enter when answering a prompt.
You can then use the $username and $password variables for the rest of your script and the credentials will not have to be stored outside of memory, meaning they will be lost/destroyed after the script completes.
However, note that any programs or utilities which take the credentials as command-line arguments will display those to other users on the machine running the script. For example, if I were to run a MySQL query using this method, I could do:
mysql -u "${username}" -p"${password}" -e "SHOW DATABASES;"
Other users on the machine could see the credentials while that was running with something like ps:
ps -ef | grep mysql
...
watrudoin 29512 29443 0 12:57 pts/4 00:00:00 mysql -u MyUserName -phunter2 -e SHOW DATABASES
You just need to be aware that what you are doing is not necessarily secure, but it seems that you already are.
I want to created .sh file
// Tried to connect to ftp server
ftp name_of_server
//input user name
username
//input password
password
link given below
https://github.com/prokid221/shell-programing.git
Instead of login, it again asked to enter username and password
can any one help with this problem?
If you only need file transfers, you could use curl.
download a file:
curl -O -u user:password ftp://example.com/some-file
upload a file:
curl -T some-file -u user:password ftp://example.com
Note: This method may result in your credentials being saved in your command history.
The best solution is to look at your ftp command manual. It probably provides command line flags or can use environment variables to allow you to specify username and password.
If there is no such thing, an alternate way is to feed ftp standard input. I guess this is what you try to do, but instead here is what your script does:
Run ftp and wait for the command to return. That's where ftp asks about username.
Once ftp returned, run a command named after the username. There is probably no command of that name so it will complain about it.
Then, run a command named after the password. It will fail too, but depending on the special characters in the password, it could become a disaster :-)
So, to really feed stdin, you can use printf(1):
printf "username\npassword\n" | ftp name_of_website
Edit: Another way I forgot is to put those informations in the URL: ftp://username:password#name_of_website.
Try :
#!/bin/sh
HOST='your.ftp.server.net'
USER='yourid'
PASSWD='yourpw'
FILE='file.txt'
ftp -n $HOST <<END_SCRIPT
quote USER $USER
quote PASS $PASSWD
#put $FILE
#quit
END_SCRIPT
exit 0
If you want to provide hostname from outside the script as commandline, then you can use,
HOST = $1 ,
So if you scriptname is serverftp.sh, you would provide hostname as;
serverftp.sh <ftp_server_name>
how about use expect in shell script?
#!/bin/sh
SERVER="example.com"
ID="toor"
PASSWD="secret"
expect <<EOF
spawn ftp $SERVER
expect ": "
send "$ID\r"
expect "Password:"
send "$PASSWD\r"
expect "ftp>"
send "ls\r
expect "ftp>"
send "quit\r
interact
EOF
I'm trying to write a simple script to mysqldump some dbs. I'm getting stuck on the password prompt though.
I'd like to just have a config file that contains all the db creds, then the script can use those to connect to the db.
Problem is a command such as:
system('mysqldump -u username -p')
then prompts for
Enter password:
even when I do something like:
system('mysqldump -u username -p some_password')
I still get prompted for the password...
I don't do a whole lot of scripting in Ruby so I'm at a loss as to how my script can automatically enter this info so the user running the script doesn't have to.
If you already know the password why aren't you passing it to the command?
system('mysqldump -u username --password=mypassword')
you need to delete space after -p
system('mysqldump -uusername -psome_password')
or without password just
system('mysqldump -uusername')
or
system('mysqldump -uusername --password=')
you could always check the application that uses the database for the password, check the config file file for the connection string. Failing that change the password in the database.