#8 passwords are not fully/properly escaped

v1.05
invalid
nobody
5
2016-07-02
2012-07-17
Anonymous
No

Passwords fed to sshpass are not being properly escaped.

When evoked from (at least) bash, a "!" is never interpreted literally unless singlequoted. This makes it difficult to use it within automated processes for which no keys are available.

This is contrary to the behavior of printf or echo.

For instance:
passwd="foo!bar" <-- correct password for user@host
sshpass -p$passwd ssh user@host <-- fails
sshpass -p"$passwd" ssh user@host <-- fails
sshpass -p$(echo $passwd) ssh user@host <-- the only way to get this to work

This is present in both 1.04 (debian) and 1.05 (redhat)

Discussion

  • Shachar Shemesh

    Shachar Shemesh - 2015-04-24

    This is a problem with your shell, not with sshpass. Sshpass uses the password as received, no escaping at all. In order for a password containing ! to arrive at sshpass, however, you may need to tell your shell to ignore the !.

    I suspect that simply "echo $password" wouldn't work for you. I'm working with bash, and even:
    passwd="foo!bar"

    doesn't work. Once I set the variable to the correct value, however, I have no problem using it.

    I suspect that your outer shell is something, and your inner shell (inside $()) is bash. This means that the reason your echo works is because it is being executed with a different shell than the outer one.

     
  • Shachar Shemesh

    Shachar Shemesh - 2015-04-24
    • status: open --> closed-wont-fix
    • Group: --> v1.0 (example)
     
  • Shachar Shemesh

    Shachar Shemesh - 2016-07-02
    • status: closed-wont-fix --> invalid
     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks