i am trying to pass the password using stdin but I am getting an error.
Here is what I tried.
echo myPassword | sudo -S su - userName -s /bin/bash
echo 'myPassword' | sudo -S su - userName -s /bin/bash
In both case is am getting the error of -bash: line 1: myPassword: command not found
How can I resolve this?
3
Answers
Your password does not end in a newline.
Try this
In your case you use an echo command instead of ‘sudo’ that’s why error occurred.
you can use this command:
Alternatively, you can use the printf command to pass the password:
tricking a plaintext password into an ssh-based or other security relevant systems (also valid for SUDO, SFTP and likewise) is VERY difficult if it is designed to run in background because all above efforts will fail as soon as the terminal is gone.
The only way to safely fake the pwd entry requires deep knowledge of system calls to fake the input into an artifically added terminal (by e.g. `ssh -t´’).
The recommended way to do non-interactive authentication with these things for remote access is the private/public key authentication. Using this, you are done within minutes. Trying to go the above way, you are an expert if you manage to get it done within a day. I intended to post my old solution for this, but I’m still searching that old code on my disk … will post when found, but recommending not to use it.
The recommended way to deal with sudo without interactive password is the NOPASS option in sudoers.
Last but not least: the recommended way to switch to any user would be to have a sudo entry with root access to execute `su´ which is a security hoarse when equiped with NOPASS