Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How can I make an expect script prompt for a password?

Tags:

I have an expect script that connects to a few routers through ssh. All these routers have the same password (I know, it's wrong), and the script needs to know that password in order to be able to connect to the routers. Currently, the password is passed to my script as an argument on the command line, but this means that there's a trace of that password in my .bash_history file as well as in the running processes. So instead I would like the user to be prompted for a password, if possible silently.

Do you know whether or not it's possible to prompt the user for a password with expect?

Thank you.

Edit: if I was connecting to servers instead of routers, I would probably use ssh keys instead of passwords. But the routers I'm using just support passwords.

like image 366
MiniQuark Avatar asked Mar 25 '09 14:03

MiniQuark


People also ask

How do I run a command in Expect script?

The first line defines the expect command path which is #!/usr/bin/expect . On the second line of code, we disable the timeout. Then start our script using spawn command. We can use spawn to run any program we want or any other interactive script.

How do you pass command line arguments in Expect script?

exp #!/usr/bin/expect puts 'argv0 : [lindex $argv 0]'; puts 'argv1 : [lindex $argv 1]'; While executing the above script, pass the command line options, which will be treated like an argument (instead of expect options) as shown below.

How to stop Autoexpect?

To stop recording keystrokes to your script, press Ctrl+D on your keyboard to stop Autoexpect and copy the buffer to your file.

What is Exp_continue?

The command exp_continue allows expect itself to continue executing rather than returning as it normally would. By default exp_continue resets the timeout timer. The -continue_timer flag prevents timer from being restarted. (See expect for more information.)


1 Answers

Use expect's stty command like this:

# grab the password stty -echo send_user -- "Password for $user@$host: " expect_user -re "(.*)\n" send_user "\n" stty echo set pass $expect_out(1,string)  #... later send -- "$pass\r" 

Note that it's important to call stty -echo before calling send_user -- I'm not sure exactly why: I think it's a timing issue.

expect programmers should all read the book: Exploring Expect by Don Libes

like image 186
glenn jackman Avatar answered Oct 12 '22 12:10

glenn jackman