Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

or easier and shorter:

   printf PaSSw0rd | sha1sum


Or call shasum or sha1sum and input your password on stdin so your shell history doesn't contain your password in plain text.


Just pop a space at the beginning and it won't go into shell history.


It does for me

  >  echo test
  test
  > history
  ...
  6730   echo test
  6731  history


Set this in your .bashrc

  HISTCONTROL=ignorespace
Or even better, though unrelated to this topic... Also get it to ignore duplicates that come next to each other.

  HISTCONTROL=ignoredups:ignorespace


That's a bash-ism that's controlled by the $HISTCONTROL environment variable, not universally-applicable advice. $HISTCONTROL set to "ignorespace" or "ignoreboth" may or may not be the default, depending on your distribution.


Yeah already replied below specifying that - I was under the impression that it's default to on in most distros, but don't actually have a clue which do/don't.


it will still be in ps output for a short while...


Ultra paranoid. I like the way you think.


    python -c 'import hashlib; from getpass import getpass; s = hashlib.sha1(); s.update(getpass()); print s.hexdigest()'


how do you get rid of the carriage return as last char that way?


Use Ctrl-d to end input without hitting return and you shouldn't get a newline.


bash, at least, only handles Ctrl-d on its own line.


If you're not on a new line, you can type Ctrl-d twice.


What if my password contains % characters?


Yeah, note that this doesn't work with all password combinations. I just use the Python version above

  python -c 'import hashlib; print hashlib.sha1("reALpassWORD12%12").hexdigest()'
and then:

  history -d $((HISTCMD-2))
to delete the last entry in the bash history.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: