Ask Dave Taylor: Tech and Business


How can I hide passwords in a shell script?

We have to do sudo in a shell/perl scripts for certain commands. As you know sudo needs password to be supplied. sudo has -S option for stdin.

For example:

echo $pw | sudo -S command

Assume, somehow, we figure out the password and pass it in for the above echo. But, the buggest concern is, if someone does a "ps", one will be able to see the password. The above example is part of a shell script and what we need to know is how do we hide the password?

If you're specifically trying to accomplish this so you can work with "sudo", then here's some good news: sudo doesn't actually require password entry. If you use the command visudo (on FreeBSD?, or the appropriate equivalent on your OS) to edit your sudoers file (which controls who is allowed to use the sudo command), you can add a line like the following to permit sudo usage by user 'username' without password entry for any command.

  username ALL = NOPASSWD: ALL

Or a line like the following will allow...