1

I want my bash script to write a string to standard input stream. I want it to pass my password to git push command. I've tried the three following options and neither of them worked: git was asking me for the password.

#!/bin/bash

# 0
git push origin master <<< 'password'

# 1
echo 'password' | git push origin master

# 2
git push origin master <<EOF
password
EOF
devnull
  • 118,548
  • 33
  • 236
  • 227
Kolyunya
  • 5,973
  • 7
  • 46
  • 81
  • @devnull no duplicate. `git push` is just an example. And I want to know why the above methods did not work. – Kolyunya Mar 07 '14 at 08:24
  • 2
    @Kolyunya: If `git push` is just an example, than it is a bad one. The reason it does not work is that _git does not ask for password on standard input_. It asks (in ssh case actually ssh does) it on controlling terminal. This is so that you can pass data to the remote command and still give the password on terminal. – Jan Hudec Mar 07 '14 at 08:26

1 Answers1

4

All the three methods work pass the string password␤ to the command.

The problem is that the command does not read password from standard input. It reads it from controlling terminal, i.e. opens the special file /dev/tty and reads from there.

In case of ssh transport, it is actually the ssh that asks the password and it does it the above way (it thus follows that this discussion applies to any other use of ssh or tool based on ssh as well). In case of http transport git does it in the same way.

The reason is twofold:

  1. So that you can redirect the input and/or output of the actual command and still give password from keyboard and see the prompt on the terminal and
  2. to prevent the thing you are trying to do, which is strongly discouraged for security reasons.

See Git push: username, password, how to avoid? for how to use git remote commands without giving password each time. If you insist on http, the options in Is there a way to skip password typing when using https:// on GitHub? or Git http - securely remember credentials are more secure. See also gitcredentials(7).

Community
  • 1
  • 1
Jan Hudec
  • 73,652
  • 13
  • 125
  • 172
  • I still can pass pasword to `/dev/tty` from my bash script, right? – Kolyunya Mar 07 '14 at 08:35
  • @Kolyunya: No, you can't (at least not easily). `/dev/tty` is a special file that is always the controlling terminal of the process. There are some applications that can provide custom terminal to a process like [expect](http://expect.nist.gov/), but there are easier ways to use git without password or provide it a password than that. – Jan Hudec Mar 07 '14 at 08:44
  • @Kolyunya: I've added links to other explanations of where HTTP password can be saved for git. Single-purpose ssh keys are still the most secure option though. – Jan Hudec Mar 07 '14 at 08:51