Problems piping password

Shell Programming and Scripting
1

hello again. I'm hoping one of you can help me out. I trying to pipe a kdialog password for the following command:

Blockquote
echo “$PASSWORD” | sudo -S pv -n -s dd if=$filesource of=/dev/$selected_device bs=$bs status=progress | kdialog --progressbar “Copying Data” 100

but when i execute it i get

[sudo] password for yikes: org.kde.k
dialog-11130 /ProgressDialog
Sorry, try again.
[sudo] password for yikes:
sudo: no password was provided
sudo: 1 incorrect password attempt

I'm using

PASSWORD=$(kdialog --password --title="Password Prompt")

2

The pipe feeds the sudo stdin.
But normally sudo takes the password from a non-echoing tty, not stdin.
Try --stdin

echo “$PASSWORD” | sudo --stdin ...

Or let sudo open a GUI input (that is hopefully configured)

sudo --askpass ...
1 Like
3

Just a side note: if you obtain a cleartext password into PASSWORD variable and then use echo $PASSWORD command, then the cleartext password will be visible in the process list for everyone. Thus should be avoided.

The using --askpass option, as @MadeInGermany mentioned is a much more secure way to do the same.

4

Good point.
But here the echo command is a shell-builtin, and in most if not all shells the builtins don't fork/exec to new processes.
Yes, the external /usr/bin/echo command would be unsafe.
Furthermore, <<< “$PASSWORD” sudo --stdin ... would be unsafe: the "here string" is saved in /tmp/

1 Like