Request: Secure way of specifying password

Question

Request: Secure way of specifying password

askvictor opened this issue 2 months ago · 4 comments

description

The current way of specifying the credentials on the command line is insecure as it ends up in the command line history.

proposed solution

Allow typing password, or specifying via a file or environment variable

Answer 1 · 2024-09-17T14:30:02.000Z

thank you for the suggestion, that makes sense. in the meantime, for anyone else concerned about this, leaving some workarounds suggested by hackernews users:

Generally if you put a space before your command it'll bypass the history, though depending on your *nix you might need to set HISTCONTROL=ignoreboth in your bashrc or similar if it's not already.

source

Agree that it would be nice to specify credentials a different way - however as a workaround: some bash-based shells support prefixing the command with a space as a way of not saving that command into history.
Ref: https://www.gnu.org/software/bash/manual/html_node/Bash-Vari...

source

Answer 2 · 2024-09-20T19:23:18.000Z

Hello, if it's not too much trouble, could I please be considered for this issue?

Answer 3 · 2024-09-20T19:52:39.000Z

@cs99alpha unfortunately, the core terminal app needs some refactoring and tests before it's ready for other ppl to contribute. i appreciate the offer though!

Answer 4 · 2024-09-22T22:07:40.000Z

Included in release v0.2.4