Keeping our passwords well secured is something that we all need to take seriously, but what do you do if a particular program or app displays your password in plain sight as you are typing it? Today’s SuperUser Q&A post has the solution to a frustrated reader’s password problem.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
SuperUser reader user110971 wants to know how to keep passwords invisible when running a command as an SSH argument:
If I run this command and start typing the MySQL password, the password is visible on the screen:
- ssh user@server ‘mysql -u user -p’
How can I prevent this? If I log in through SSH and execute the MySQL command, then everything works fine.
How can you keep passwords invisible when running a command as an SSH argument?
SuperUser contributor Toby Speight has the answer for us:
If you provide a remote command to run, SSH does not allocate a tty, so the remote command is unable to disable echo. You can force SSH to provide a tty using the -t option:
- ssh -t user@server ‘mysql -u user -p’
The equivalent option (for -o or for the config file) is RequestTTY. I would caution against using it in the config file because it can have unwanted effects for non-interactive commands.
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.
Image Credit: Linux Screenshots (Flickr)