keep-passwords-invisible-when-running-a-command-as-an-ssh-argument-00

Keeping our passwords well secured is something that we all need to take seriously, but what do you do if a particular program or app displays your password in plain sight as you are typing it? Today’s SuperUser Q&A post has the solution to a frustrated reader’s password problem.

Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.

The Question

SuperUser reader user110971 wants to know how to keep passwords invisible when running a command as an SSH argument:

If I run this command and start typing the MySQL password, the password is visible on the screen:

  • ssh user@server ‘mysql -u user -p’

How can I prevent this? If I log in through SSH and execute the MySQL command, then everything works fine.

How can you keep passwords invisible when running a command as an SSH argument?

The Answer

SuperUser contributor Toby Speight has the answer for us:

If you provide a remote command to run, SSH does not allocate a tty, so the remote command is unable to disable echo. You can force SSH to provide a tty using the -t option:

  • ssh -t user@server ‘mysql -u user -p’

The equivalent option (for -o or for the config file) is RequestTTY. I would caution against using it in the config file because it can have unwanted effects for non-interactive commands.


Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.

Image Credit: Linux Screenshots (Flickr)