kvaps / keepass-url-overrides

Scripts for override urls in keepass2
MIT License

Passwords holding "!" will trigger history expansion #3

Open tps800 opened 4 years ago

tps800 commented 4 years ago
cmd://bash -c 'FILE=$(mktemp) && chmod 600 $FILE && echo {PASSWORD} > $FILE ; xterm -e sshpass -f $FILE ssh -o StrictHostKeyChecking=no {USERNAME}@{BASE:RMVSCM}; rm -f $FILE'

Won't work if the password contains "!", as "!" will trigger history expansion.

aslafy-z commented 4 years ago

You have to single quote the string: echo \'{PASSWORD}\' > $FILE

But I would recommend to use the sshpass environment method instead:

cmd://bash -c 'xterm -e SSHPASS=\'{PASSWORD}\' sshpass -e ssh -o ...'

tps800 commented 4 years ago

On Thu, Feb 20, 2020 at 7:44 PM Zadkiel notifications@github.com wrote:

You have to single quote the string: echo \'{PASSWORD}\' > $FILE

But I would recommend to use the sshpass environment method instead:

cmd://bash -c 'xterm -e SSHPASS=\'{PASSWORD}\' sshpass -e ssh -o ...'

This should work:

cmd://bash -c 'SSHPASS=\'{PASSWORD}\' cssh --user={USERNAME} {BASE:RMVSCM}'

leads to "File not found", because bash tries to find "SSHPASS=\'abc!abc!$abc!xyz\' cssh --user=user host" which, for sure, isn't a command's name within PATH. Indeed using " (double quote) instead of ' (single quote) will work, but leads to interpreting $abc within {PASSWORD} as an expandable variable:

URL-Overwrite: cmd://bash -c "SSHPASS=\'{PASSWORD}\' cssh --user={USERNAME} {BASE:RMVSCM}"

is handed to the system as: bash -c "SSHPASS='abc!abc!$abc!xyz' cssh --user=user host"

Since bash is used to handle the given command (it is the user's default shell), expansion leads to ($abc is not defined): bash -c "SSHPASS='abc!abc!!xyz' cssh --user=user host"

Next step: SSHPASS='abc!abc!!xyz' cssh --user=user host

The shell defines variable SSHPASS, then calls cssh: SSHPASS=abc!abc!!xyz cssh --user=user host

cssh is a simple script opening an xterm, defining colors at the user's will, then checking whether $SSHPASS is defined and, if so, calling ssh: sshpass -e ssh -l user host

This will fail, since "abc!abc!!xyz" is not the needed password "abc!abc!$abc!xyz".

I've tried both: single quotes within the url-overwrite, which lead to "file not found", and double quotes, which lead to expansions if passwords hold "$"-signs. I've tried to escape; this would not help either, because I would have to escape the "$"-signs within the password. Which I can't do, because I am too late -- bash is already running at this point and has expanded variables as possible. What we need is something that puts the password without any changes into an environment variable SSHPASS, leaving bash or others no chance to change anything. Ideally this could be done by keepass2 itself.

-- Thomas

tps800 commented 4 years ago

For bash or sh as your primary shell you can use:

cmd://bash -c "SSHPASS='{PASSWORD}' cssh --user={USERNAME} {BASE:RMVSCM}"

But with zsh this won't work again ...! With this again: it would be nice to have keepass set an environment variable filled with the password, independent of any shell interpretation (same for user and hostname). Maybe something like {PASSWORD=SSHPASS} ({USERNAME=USER}, {BASE:RMVSCM=HOST}) or fields assigned to environment variables, filled with whatever the user thinks has to go there (may be quite simply named var1, var2, var3, ..., varN)?

-- Thomas
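
Added example, not part of the thread and not the project's code: it runs the thread's sample password through textual substitution into a double-quoted `-c` string and, for comparison, through the process environment, which is the behaviour the last comment asks for. The `TEMPLATE` string, the `render` helper, and `printenv` standing in for `cssh` / `sshpass -e` are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample password, taken from the thread's example.
# Single quotes keep it literal in this script.
PW='abc!abc!$abc!xyz'

# Make the outcome deterministic: $abc must be unset, as in the thread.
unset abc

# Hypothetical override template; printenv stands in for cssh / sshpass -e,
# which read the secret from $SSHPASS.
TEMPLATE="sh -c \"SSHPASS='{PASSWORD}' printenv SSHPASS\""

# Naive textual placeholder substitution: $1 = template, $2 = password.
# The password becomes part of the command text a shell will parse.
render() {
    ph='{PASSWORD}'
    head=${1%%"$ph"*}
    tail=${1#*"$ph"}
    printf '%s%s%s' "$head" "$2" "$tail"
}

# Variant 1: the rendered text is parsed by an outer shell. Inside the
# double-quoted -c argument, $abc is expanded before the inner shell
# ever sees the single quotes around the password.
via_double_quoted_text() {
    cmdline=$(render "$TEMPLATE" "$1")
    sh -c "$cmdline"
}

# Variant 2: the command text is a constant; the secret travels only as
# the value of an environment variable and is never parsed as shell code.
via_environment() {
    SSHPASS=$1 sh -c 'printenv SSHPASS'
}

printf 'text substitution: %s\n' "$(via_double_quoted_text "$PW")"
printf 'environment:       %s\n' "$(via_environment "$PW")"
```

The first variant changes the secret whenever it contains shell metacharacters, while the second delivers it byte for byte regardless of which shell is in use.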