I have a script, which prompts me for my password input, then it passes that password onto an argument for another script which is then passed onto an expect script which automates my logins to a bunch of servers to execute my commands.
example.
script A - request for password, pass password variable to expect script command
expect command - ./expect $password ssh@server �command�
expect script - obtain password from $argv 0 and execute.
I've seen a few posts about this request and can't find anything that works. Is anyone able to guide me in the right direction? I have tried using file descriptor and no luck.
Also, no ssh keys is not an option and hard coding passwords in files.
I don't think ps would see anything more than the variable name, but I could be wrong. Its hard to tell without seeing the whole code.
I don't know how much more coding you wish to do with the script, but one option might be to use gpg to encrypt a file with the password or passwords in it. Then you could just use the password to decrypt the file in the script and pass the real password or passwords to a variable in that script when decrypted.
Ansible may be a good tool for that as well. Again, hard to say without looking at the code.
This will not work. It will NOT pass the password argument PW variable to ps output, but the actual password itself.
Here is what I captured as another user other than my own.
xxxxx 15728704 14745672 0 00:32:28 pts/2 0:00 ./script hi ssh -o StrictHostKeyChecking=no user@server date
Just a thought, why do you need to use expect to perform the login to your servers? Would SSH keys not be a more secure way to achieve this? It would reduce a process where you could expose the application password.
Can you explain a bit more about what you are calling to do what?
