[SOLVED] How to pass password in a loop in shell script?

shivaa · 10-26-2012, 07:49 AM

Hello everyone!
I have a script like this:

Code:

serverlist="server1 server2 server3 server4... server10"
for server in $serverlist
do
ldapsearch -h $server -p ......  > /home/jack/output.txt
.....
.....
echo "Result"
done

The ldapsearch command always needs a password to fetch the output data from the $server. So when I run this script, I have to enter the password 10 times for 10 servers.
Is there any way so can I pass the password only once - either inside the script or after invoking it?
One more thing, since it needs password for every server, so after display echo message "Result" it dispalys "Enter password".. which also I don't want to display. I just want to display the result message.

acid_kewpie · 10-26-2012, 07:52 AM

At its most simple just use $1 as the password and that will pass the first parameter the script is executed with, e.g. "./myscript 'p4$$w0rd'"

shivaa · 10-26-2012, 08:00 AM

Quote:

Originally Posted by acid_kewpie

At its most simple just use $1 as the password and that will pass the first parameter the script is executed with, e.g. "./myscript 'p4$$w0rd'"

Thanks Chris, script is executing like this:

Code:

Enter bind password:
Result
Enter bind password:
Result
Enter bind password:
Result
........
........

Can you explain your answer little more, and show that how can I pass password using $1 variable, by modifying my script? I'd be thankful to you.

acid_kewpie · 10-26-2012, 08:45 AM

serverlist="server1 server2 server3 server4... server10"
for server in $serverlist
do
ldapsearch -h $server -w $1 > /home/jack/output.txt
.....
.....
echo "Result"
done

shivaa · 10-26-2012, 09:41 AM

Awesome Chris! Everything's working fine now!
Keep it up!! Cheers!!!

archShade · 10-26-2012, 09:42 AM

I really want to recomend against using $1 as the way to read in a pasword. If you really trust your enviroment it could be OK but someone "sholder surfing" could see your pasword in plain text. This will also copy your password to ~/.bash_history. OK again you could argue that it's safe but as there is an easy fix why risk it.

I use the command "read -p "Enter Password: " -s password_store" (without quotes) to read a password into a script.
read reads in a file if no file is specified then stdin is used, the "-p" flag print a string, the "-s" flag suppresses typed values being used output to stdout. The final term is a varible to store the string passed to.

I have an example file. It was copied out of someone elses code (I can't rember who).

Code:

#! /bin/bash

#A short example of how to read a string into a script
#while suppressing typed characters on stdout.
#Used to prevent "sholder surfing" and passwords being stored in bash_history

read -p "Enter Password: " -s password

#As this is an example we will now write password to stdout.

echo -e "\n" $password

I'm sure there is another way using stty as well.

shivaa · 10-26-2012, 10:16 AM

Thanks a lot @archShade. Your tips are also helpful as it helped me to avoid any password disclosure pb.