Operating System - HP-UX
1747997 Members
4802 Online
108756 Solutions
New Discussion юеВ

Re: Hidden string in remsh

 
SOLVED
Go to solution
Test e Collaudo Dipart.
Occasional Advisor

Hidden string in remsh

Hi everyone!
This is my problem:
I have to type something like a password on an HP-UX 11i system. This string must be hidden while is typed.
On local I use this kind of script:

export TERM=vt100
stty -echo
read MYSTRING
stty echo
MYSTRING=$(echo $MYSTRING|tr -d "[\015]")

But if I launch this script by remsh it doesn't work...
stty: : Unknown error
How can I encrypt or hidden the typing using remsh?

Thanks
Vale et valete
ZAMPO
13 REPLIES 13
Sridhar Bhaskarla
Honored Contributor

Re: Hidden string in remsh

Hi,

Are you running the stty command on the remote system?. One problem with it is that you cannot run interactive sessions with remsh. Moreover -echo is a local mode option and I am not sure if it is going to work as you are not really applying the controls to the local terminal (from where you are running remsh).

I suggest you do the stty stuff on the local terminal and pass the data (MYSTRING) to your remsh command if possible.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Test e Collaudo Dipart.
Occasional Advisor

Re: Hidden string in remsh

Thank you for your reply, but is not possible to do the stty stuff on the local terminal...
I'm looking for an alterative way instead of the use of "stty".
I have to use script in remsh and I'd like to hide my typing.


Vale et valete
ZAMPO
Simon Hargrave
Honored Contributor

Re: Hidden string in remsh

Unfortunately the stty command does not work over the BSD remote commands because they don't create tty's.

Does the remote script need other input, apart from the password?

If not then perhaps you could do: -

stty -echo
remsh yourhost yourscript.sh
stty echo

So turn off echo before remshing?
Test e Collaudo Dipart.
Occasional Advisor

Re: Hidden string in remsh

Great Simon,
I like your solution, but it's not my situation...
The problem is that I have 2 concatenated remsh...
The first is from an html page (and i cannot modify that) to an Unix server.
The second is from an Unix server to another unix server!
I can ask for the "password" on the first or the second Unix server.
I'm looking for an alternative to the command
stty
P.S. The password is for connect to an Oracle DB

Thanks for helping me!

Vale et valete
ZAMPO
Simon Hargrave
Honored Contributor

Re: Hidden string in remsh

I'm a little confused when you say you call remsh from a html page? Do you mean it's called from a cgi shell on a web page? eg called when a form is submitted, for example?

If so then I don't understand how your script can be prompting for the password, since cgi-scripts (or any other way from a html page as far as I'm aware) are not interactive and therefore cannot prompt for a password during execution?

Please give more details of what exactly your setup is and I'll try to help more.
Test e Collaudo Dipart.
Occasional Advisor

Re: Hidden string in remsh

My script is only a ring in a chain!

I suppose is a cgi that launch a script on a first server. I have no visibility of the cgi script and I cannot change it!
The (maybe) cgi script call a remsh to a first server. This first unix script connect the operator to a database Server on another machine.
We have several DBs on several servers, so the first script knows if the DB is on a Window (sql server) or an Unix (Oracle) server.
If the db is on an Unix server, the first script call a remsh on the second server. Here there is my script.
My script is launched by a remsh from an Unix server and my script need to ask to the operator the DB password, because connect me to a database (That is on another server -the 3rd one!)
It's a little complicated!!!
I hople to have explain it clearly; if you need more infos, ask for they!

Thanks a lot
Vale et valete
ZAMPO
Simon Hargrave
Honored Contributor

Re: Hidden string in remsh

Hmm, I think I see.

However the problem remains that because your script doesn't have direct access to the tty functions and therefore to set the terminal to not echo, the terminal will echo (it's a hardware thing not a software thing).

One thing you could do, which is very crude but would stop over-the-shoulder readers from getting the password would be something like: -

# START OF SCRIPT
trap "rm lockfile 2>/dev/null" 0

clear
echo "Press ENTER, then type in the password. The screen will be blank."
read JUNK

touch lockfile
while [ -r lockfile ]
do
clear
done &

read STUFF

rm lockfile 2>/dev/null
echo Your password is : $STUFF
# END OF SCRIPT

Basically this script, before the read command, kicks off a background process that constantly clears the screen. Input is then read, but is wiped from the screen as it's being typed. After read, the lockfile is removed, which stops the background loop. The trap is just to force the background loop to stop if the script breaks out.

If on a slow terminal, it may be an option to use echo ".\c" instead of clear, to fill the screen with dots.

Not tidy, but an option.

Is there any reason why the password actually has to be manually typed by the operator, rather than being encoded into the script (with restricted read permissions, of course).
Simon Hargrave
Honored Contributor

Re: Hidden string in remsh

Actually the script would be slightly more user friendly if it were like this: -

trap "rm lockfile.$$ 2>/dev/null" 0

touch lockfile.$$
while [ -r lockfile.$$ ]
do
clear
echo "Enter password, then press RETURN"
done &

read STUFF

rm lockfile.$$ 2>/dev/null
echo Your password is : $STUFF