Skip to content

Instantly share code, notes, and snippets.

@htammen
Last active July 20, 2020 14:53
Show Gist options
  • Save htammen/2832c4f4b778bbae6f99a1f4b694f0ea to your computer and use it in GitHub Desktop.
Save htammen/2832c4f4b778bbae6f99a1f4b694f0ea to your computer and use it in GitHub Desktop.
securely login via shell

Want to securely login to command line tools without exposing your credentials?

  • Install one of the Bitwarden clients (https://github.com/bitwarden)
  • Create your secure passwords with the Bitwarden client
    • Here I created a secure item with the namen xsa-engine
  • Install the Bitwarden CLI (https://github.com/bitwarden/cli)
  • At command line login to the Bitwarden CLI (bw login)
  • Write a script like the following to securely connect to your applications / servers. Here I connect to the HANA XSA server via xs client.
  • chmod 755 xsa_login.sh

xsa_login.sh:

#!/bin/bash
user=$(bw get username xsa-engine)
pw=$(bw get password xsa-engine)
url=https://xsa.company.com
orgname=myorgname
space=DEV
xs login -a $url -u $user -p $pw -o $orgname -s $space --skip-ssl-validation

You can now save your shell script to any public git repo without having to obscure your credentials.

@knghtbrd
Copy link

You shouldn't put a password on a command line if there's any chance there may be someone who can see your process (or run any program on your machine that can.)

@knghtbrd
Copy link

(Most can take the password via stdin, I would suggest doing that.)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment