I am writing script which contains smbget -u user -p password smb://host/share/file command. Is there any way to hide password parameter in this script? Script will be used on computer which is shared by multiple users. I want to give them opportunity to download file without showing my password.
1 Answer
The comment provided by Marc is correct. You can work around the problem by using mount.cifs (possibly via AutoFS if required) and taking advantage of the credentials option during mount - that option allows you to store the password in a non-user readable location.
mount.cifs //some/server /mnt/somewhere -o credentials=/root/credentials_file ...
Your script could mount this location and retrieve the file for the user (or just give the users access to the location). You'd need to have an appropriate entry in your /etc/fstab file or configured with AutoFS to make it work with your script.
An alternative would be to write the script using something which can be compiled - it's not secure for a number of other reasons, but might fit your bill.
echo $password. There is no way to safely provide your password to someone via a bash script that they can't subvert to get the PW out. If everyone gets access to this file, why not just make that share read-only with no password?