0

I use public and private key to ssh to a remote server without password. After that, I need to perform "git pull" command. But I don't know how to pass the password into it. Trying the following solution, but it does not work:

 #!/bin/sh ssh user@server ' cd /folder echo "password" | git pull '

Another thing is I don't want to expose the password in the script. Any suggestion? Thanks

Improve this question
2
  • Are you pulling from a SSH remote or a HTTP(S) one? Commented Sep 2, 2014 at 12:32
  • from a HTTP(S) one Commented Sep 2, 2014 at 12:42

1 Answer 1

Reset to default
2

You could probably use .netrc file (note: I havent't done this myself). You could either generate .netrc dynamically at runtime or have it sit there.

EDIT: As long as your script has access to .netrc, so does the user that runs the script. So if you give the script to someone else and that someone else has access to the private key, it doesn't matter that you don't have the password hard-coded in the script.

Improve this answer
6
  • Thanks. It works! But still password vulnerable Commented Sep 2, 2014 at 13:47
  • You could supply the password as command line argument, and write out the .netrc file at runtime using that password, then remove the file. Commented Sep 2, 2014 at 14:07
  • You may also want to remove .netrc using some secure removal tool. Can't give you a suggestion off the top of my head, but I'm sure there are a few out there. Commented Sep 2, 2014 at 14:09
  • what I really want is not providing the password not only as command line argument, but also in the script file. Commented Sep 12, 2014 at 12:03
  • I don't think that can be done. The whole point of using passwords is that you verify that a user knows it. If user doesn't know it, they shouldn't have access. What you are proposing is defeating the purpose of authentication. Commented Sep 14, 2014 at 10:16

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.