silent raw_input for passwords

[Stephen Boulet]

I need a password for a script and I would like to not have it stored in a
file or shown in a terminal.

"passphrase = raw_input()" still lets you see the input on the screen. Is
there a way to have it be hidden? It's my gpg passphrase, so I don't want
it anywhere except in my head.

If anyone's interested, I'm wrapping the command for the duplicity program
(incremental GPG encrypted backups to an FTP server;
http://www.nongnu.org/duplicity/):

===========================
#!/bin/env python

from ftplib import FTP
from os import popen

dirfile = '/usr/local/backups.txt'
dirs = file(dirfile).read().split('\n')

host = 'ftphost'
uname = 'ftpuname'
password = 'ftppass'

ftp = FTP(ftphost)
ftp.login(ftpuname,ftppass)
l=ftp.nlst()

for i,dir in enumerate(dirs):
if str(i+1) not in l:
print 'Directory "%s" is not on the FTP server.' % dir
print "Creating directory %d on server..." % (i+1)
ftp.mkd(str(i+1))
ftp.quit()

print "Starting duplicity synchronization ..."
print "Enter your passphrase:"
passphrase = raw_input()
passphrase = "PASSPHRASE=" + passphrase

for i in range(1,len(dirs)+1):
command = passphrase + ' duplicity ftp://'
command += ftpuname + '@' + ftphost + '/ "'
command += dirs[i-1] + '" ' + str(i)
print "Starting backup of directory %s" % dirs[i-1]
popen(command).read()

print "Done!"

 

[Heather Coppersmith]

I need a password for a script and I would like to not have it
stored in a file or shown in a terminal.

"passphrase = raw_input()" still lets you see the input on the
screen. Is there a way to have it be hidden? It's my gpg
passphrase, so I don't want it anywhere except in my head.

See the getpass module; it's part of the standard library.

Most GUI's have similar functionality.

HTH,,
Heather

 

[Stephen Boulet]

Thanks!

See the getpass module; it's part of the standard library.

Most GUI's have similar functionality.

HTH,,
Heather

 

[Dan Bishop]

I need a password for a script and I would like to not have it stored in a
file or shown in a terminal.

"passphrase = raw_input()" still lets you see the input on the screen. Is
there a way to have it be hidden? It's my gpg passphrase, so I don't want
it anywhere except in my head.

There's probably an easier way, but you can use:

def input_password(echo=True):
chars = []
while True:
newChar = getch()
if newChar in '\r\n':
break
elif newChar in '\b\x7F':
if chars:
del chars[-1]
sys.stdout.write('\b')
else:
chars.append(newChar)
if echo:
sys.stdout.write('*')
return ''.join(chars)

 

[Dominique Orban]

I need a password for a script and I would like to not have it stored in a
file or shown in a terminal.

"passphrase = raw_input()" still lets you see the input on the screen. Is
there a way to have it be hidden? It's my gpg passphrase, so I don't want
it anywhere except in my head.

There's probably an easier way, but you can use:

def input_password(echo=True):
chars = []
while True:
newChar = getch()
if newChar in '\r\n':
break
elif newChar in '\b\x7F':
if chars:
del chars[-1]
sys.stdout.write('\b')
else:
chars.append(newChar)
if echo:
sys.stdout.write('*')
return ''.join(chars)

How is this different from getpass.getpass() ?