In my bash script ,a private repo is being cloned which prompts for username and password. The issue is even if incorrect username or password is entered and the git authentication fails - remote: Invalid username or password and the script proceeds further ignoring it .i want the git username and password read prompts to run in loop until git authentication succeeds . In other words , if incorrect username or password is entered it should be detected by bash and the read prompts should rerun in loop until git authentication is successful
#!/usr/bin/env bash
# something ....
read -e -p "Input your github username : " username
read -e -p "Input your github password : " password
git clone https://"$username":"$password"#github.com/"$username"/repo
# something ...
How do i solve this problem ?
Git will usually not create the directory of authentication failed. Check if the folder exists and exit if it does not:
test -d ./repo || { echo 'Dir does not exist'; exit 1; };
But before that, the git process should already exit with a non-zero exit code, so you could do this instead:
git clone "https://…#…/path/to/repo" || exit 1;
If you want to keep retrying until the command succeeds, use a loop:
read -e -p 'Input your github username: ' username
read -e -p 'Input your github password: ' password
while ! git clone "https://…#…/path/to/repo"; do
echo 'Error cloning, please retry' >&2;
read -e -p 'Input your github username: ' username
read -e -p 'Input your github password: ' password
done
You might also be interested in How to get a password from a shell script without echoing for preventing shoulder surfing while entering the password.
Related
I want to pass my password in a script while running the command
ansible-playbook --ask-vault-pass main.yml .
This command prompts for password used echo but doesnt work here
I am running a particular mongo command which is not hiding the password in ps for some reason. Upon checking the mongo community they are asking us to hide the password on ps by sending the password as an input via echo command
Example
echo mypassword | usr/bin/mongostat --quiet -u readonly --authenticationDatabase admin
Now this works fine as long as the echo password is used at the start of the mongostat command, but the problem comes in when I store this entire value as a string in a variable
password="pass#123"
mongo_command="echo $password | usr/bin/mongostat --quiet -u readonly --authenticationDatabase admin"
$mongo_command
So when I execute the above script the output is coming as follows
pass#123 | /usr/bin/mongostat --quiet -u readonly --authenticationDatabase admin
It is ignoring the echo keyword and only sending the password when the $mongo_command is executed. So how can I avoid this and ensure that echo goes along with the password, then followed by the pipe (|) symbol to the mongo command so that it looks as shown below
echo Csco#123 | /usr/bin/mongostat --quiet -u readonly --authenticationDatabase admin
Enter password:
insert query update delete getmore command flushes mapped vsize res faults qrw arw net_in net_out conn set repl time
Thanks
I'm trying to set up a gitlab CI/CD.
1 of the script I use is :
sshpass -p $PRIVATE_KEY ssh -p $PORT -o StrictHostKeyChecking=no $USER#$SERVER01 "cd /var/www/html/app && export HISTIGNORE='*sudo -S*' && echo "$PRIVATE_KEY" | ( sudo -S -k git fetch && sudo -S -k git pull )"
as you can see I'm trying to update the application in my server.
FYI, I have already set up the variables in the gitlab CI/CD settings page.
But, when the job runs, it always returns this error message :
Conflicting password source
Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters
-f filename Take password to use from file
-d number Use number as file descriptor for getting password
-p password Provide password as argument (security unwise)
-e Password is passed as env-var "SSHPASS"
With no parameters - password will be taken from stdin
-P prompt Which string should sshpass search for to detect a password prompt
-v Be verbose about what you're doing
-h Show help (this screen)
-V Print version information
At most one of -f, -d, -p or -e should be used
I have already googled around, but found no clue.
Any clue would be much appreciated.
I finally found the solution.
So the above command worked for master branch, but it didn't work for develop, knowing this pattern, I checked the variables settings, then found out that I turned on the Protect variable flag, the flag says Export variable to pipelines running on protected branches and tags only.
Since develop is not a protected branch, I was thinking that the variable values were not passed into the pipeline.
So, I unchecked this flag for all variables and finally got it working.
I am using SSH command to execute the bash scripts remotely:
ssh user#server 'bash -s' < $script_dir/script.sh
And inside the script.sh, I will have the command like below:
ssh-keygen -t rsa
ssh-copy-id postgres#$sqlserver
ssh postgres#$sqlserver -C true
And also
printf "Creating user in postgresql server...\n"
createuser -s -P username
Which need user's input, but I found when I execute the command from the remote server, it will skip getting the users' input and failed.
Another one is:
printf "Please enter your barman server name: \n" ; read -s barmanserver
Which cannot read user's input neither
I know that the script seems cannot read the other terminal's input, but can anyone help me find a solution if I need the user input to continue?
Thanks a lot!!
Eva
I have used something like this in the past. I am not quite sure why I installed sshpass though.
apt-get install sshpass -y
echo "Adding users to new VMs"
adduser adminuser
echo "changing user password"
echo "adminuser:password" | chpasswd
adduser adminuser sudo
It does work, but it gives you some warning.
I've built a script "createcontainer.sh" to automatically create a container. I call the script as follows:
./createdocker.sh newuser newpass
Internal to the script, the two arguments are assigned to variables as follows:
USERNAME=$1 <-- thus USERNAME=newuser
PASSWORD=$2 <-- thus PASSWORD=newpass
The goal is to create the container (this works), log into it with "root/originalpassword" combination I created in the original image (this works), then add "newuser/newpass" credentials which can then be used to access the container via SSH (this appears to work but doesn't actually work).
Inside createdocker.sh is the following line:
/usr/bin/sshpass -p $ORIGINALPASSWORD ssh -p $PORT -o StrictHostKeyChecking=no root#$IP $SCRIPT
What this does is tell the "createcontainer.sh" script to log into the $IP of the container on $PORT with root and $ORIGINALPASSWORD, automatically accept the SSH host key, then execute $SCRIPT which is defined as follows:
SCRIPT="adduser $USERNAME;\ <-- add newuser
echo -e $PASSWORD\n$PASSWORD | (passwd --stdin $USERNAME);\ <-- set newpass
echo ssh username: $USERNAME;\
echo ssh password: $PASSWORD;\
echo Instance Login Success;\
exit"
As a result, the behavior of my script is as follows:
[root#netunique docker-sshd]# ./signup_createdocker.sh newuser newpass
Instance Created
adduser newuser;echo -e newpass\nnewpass | (passwd --stdin newuser);echo ssh username: newuser;echo ssh password: newpass;echo Instance Login Success;exit
Warning: Permanently added '[localhost]:32936' (RSA) to the list of known hosts.
Changing password for user newuser.
passwd: all authentication tokens updated successfully. <-- appears 'set newpass' worked
ssh username: newuser
ssh password: newpass
Instance Login Success
I then attempt to log into the container with the new credentials:
[root#netunique docker-sshd]# ssh -p 32936 newuser#localhost
myuser#localhost's password: <-- here I type 'newpass'
Permission denied, please try again. <-- here the login fails
myuser#localhost's password:
I think my problem has to do with my quotes (") and evaluation of variables within those quotes. Specifically the in SCRIPT which starts with "echo -e".
If I actually (without the script) log into the container manually and issue the following commands, everything works fine. I'm able to log out of the container than back in with newuser/newpass credentials and I can get into the container just fine.
adduser newuser
echo -e "newpass\nnewpass" | (passwd --stdin newuser)
Notice above though that newpass\nnewpass are surrounded in quotes (") whereas in SCRIPT the entire string is surrounded in quotes ("), not specifically the echo -e statement. If anyone can advise how to fix this, it would help me out a lot. Thanks in advance for the help.
BEFORE
SCRIPT="adduser $USERNAME;\ <-- add newuser
echo -e $PASSWORD\n$PASSWORD | (passwd --stdin $USERNAME);\ <-- set newpass
echo ssh username: $USERNAME;\
echo ssh password: $PASSWORD;\
echo Instance Login Success;\
exit"
AFTER
SCRIPT="adduser $USERNAME;\
echo -e \"$PASSWORD\n$PASSWORD\" | (passwd --stdin $USERNAME);\
echo ssh username: $USERNAME;\
echo ssh password: $PASSWORD;\
echo Instance Login Success;\
exit"
I had to include quotes (") around $PASSWORD\n$PASSWORD (which I had previously tried), but I also had to escape them with blackslash (\) like this: \"