I have an expect script that connects to a few routers through ssh. All these routers have the same password (I know, it's wrong), and the script needs to know that password in order to be able to connect to the routers. Currently, the password is passed to my script as an argument on the command line, but this means that there's a trace of that password in my .bash_history file as well as in the running processes. So instead I would like the user to be prompted for a password, if possible silently.
Do you know whether or not it's possible to prompt the user for a password with expect?
Thank you.
Edit: if I was connecting to servers instead of routers, I would probably use ssh keys instead of passwords. But the routers I'm using just support passwords.
The first line defines the expect command path which is #!/usr/bin/expect . On the second line of code, we disable the timeout. Then start our script using spawn command. We can use spawn to run any program we want or any other interactive script.
exp #!/usr/bin/expect puts 'argv0 : [lindex $argv 0]'; puts 'argv1 : [lindex $argv 1]'; While executing the above script, pass the command line options, which will be treated like an argument (instead of expect options) as shown below.
To stop recording keystrokes to your script, press Ctrl+D on your keyboard to stop Autoexpect and copy the buffer to your file.
The command exp_continue allows expect itself to continue executing rather than returning as it normally would. By default exp_continue resets the timeout timer. The -continue_timer flag prevents timer from being restarted. (See expect for more information.)
Use expect's stty
command like this:
# grab the password stty -echo send_user -- "Password for $user@$host: " expect_user -re "(.*)\n" send_user "\n" stty echo set pass $expect_out(1,string) #... later send -- "$pass\r"
Note that it's important to call stty -echo
before calling send_user
-- I'm not sure exactly why: I think it's a timing issue.
expect programmers should all read the book: Exploring Expect by Don Libes
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With