How to hide password input from terminal in ruby script

ruby

I am new to ruby. I need to receive password as an input through gets command.

How do I hide the password input typed in the terminal, during gets call


One can also use core ruby.

$ ri IO.noecho

 (from ruby core)
 ------------------------------------------------------------------------------
   io.noecho {|io| }
  ------------------------------------------------------------------------------

 Yields self with disabling echo back.

   STDIN.noecho(&:gets)

 will read and return a line without echo back.

For 1.9.3 (and above), this requires you adding require 'io/console' to your code.

require 'io/console'
text = STDIN.noecho(&:gets)

There is a library called highline which works like this:

require 'rubygems'
require 'highline/import'

password = ask("Enter password: ") { |q| q.echo = false }
# do stuff with password

Best method from @eclectic923's answer:

require 'io/console'
password = STDIN.noecho(&:gets).chomp

For 1.9.3 (and above), this requires you adding require 'io/console' to your code.

Original Answer:

Ruby "Password" is another alternative.


Starting from Ruby version 2.3.0 you can use the IO#getpass method like this:

require 'io/console'
password = STDIN.getpass("Password:")

See the getpass method in the Standard Library Documentation.


As the others mention, you can use IO#noecho for Ruby >= 1.9. If you'd like support for 1.8, you can shell out to the read builtin shell function:

begin
  require 'io/console'
rescue LoadError
end

if STDIN.respond_to?(:noecho)
  def get_password(prompt="Password: ")
    print prompt
    STDIN.noecho(&:gets).chomp
  end
else
  def get_password(prompt="Password: ")
    `read -s -p "#{prompt}" password; echo $password`.chomp
  end
end

Now getting a password is as easy as:

@password = get_password("Enter your password here: ")

Note: In the implementation using read above, you'll run into trouble if you (or some other client of get_password) passes along special shell characters in the prompt (e.g. $/"/'/etc). Ideally, you should escape the prompt string before passing it along to the shell. Unfortunately, Shellwords isn't available in Ruby 1.8. Fortunately, it's easy to backport the relevant bits yourself (specifically shellescape). With that, you can make this slight modification:

  def get_password(prompt="Password: ")
    `read -s -p #{Shellwords.shellescape(prompt)} password; echo $password`.chomp
  end

I mentioned a couple problems with the use of read -s -p in a comment below:

Well, the 1.8 case is a little janky; it doesn't allow for backslashes, unless you hit backslash twice: "The backslash character `\' may be used to remove any special meaning for the next character read and for line continuation." Also: "The characters in the value of the IFS variable are used to split the line into words. " This should probably be fine for most little scripts, but you'd probably want something more robust for larger applications.

We can fix some of those problems by rolling up our sleeves and doing this the hard with stty(1). An outline of what we need to do:

  • Store the current terminal settings
  • Turn of echoing
  • Print the prompt & get user input
  • Restore the terminal settings

We must also take care to restore the terminal settings when interrupted by signals and/or exceptions. The following code will properly handle job control signals (SIGINT/SIGTSTP/SIGCONT) while still playing nicely with any present signal handlers:

require 'shellwords'
def get_password(prompt="Password: ")
  new_sigint = new_sigtstp = new_sigcont = nil
  old_sigint = old_sigtstp = old_sigcont = nil

  # save the current terminal configuration
  term = `stty -g`.chomp
  # turn of character echo
  `stty -echo`

  new_sigint = Proc.new do
    `stty #{term.shellescape}`
    trap("SIGINT",  old_sigint)
    Process.kill("SIGINT", Process.pid)
  end

  new_sigtstp = Proc.new do
    `stty #{term.shellescape}`
    trap("SIGCONT", new_sigcont)
    trap("SIGTSTP", old_sigtstp)
    Process.kill("SIGTSTP", Process.pid)
  end

  new_sigcont = Proc.new do
    `stty -echo`
    trap("SIGCONT", old_sigcont)
    trap("SIGTSTP", new_sigtstp)
    Process.kill("SIGCONT", Process.pid)
  end

  # set all signal handlers
  old_sigint  = trap("SIGINT",  new_sigint)  || "DEFAULT"
  old_sigtstp = trap("SIGTSTP", new_sigtstp) || "DEFAULT"
  old_sigcont = trap("SIGCONT", new_sigcont) || "DEFAULT"

  print prompt
  password = STDIN.gets.chomp
  puts

  password
ensure
  # restore term and handlers
  `stty #{term.shellescape}`

  trap("SIGINT",  old_sigint)
  trap("SIGTSTP", old_sigtstp)
  trap("SIGCONT", old_sigcont)
end

Related

Invert Angular 2 *ngFor
Add dynamic key, value pairs to JavaScript array or hash table
how to find the vertical distance from top in px of an element using jQuery
CSS: Background image and padding
Can't drop table: A foreign key constraint fails
How to identify previous view controller in navigation stack
How do I get the server timestamp in Cloud Functions for Firebase?
How to disable the parent form when a child form is active?
How can I remove all nil elements in a Swift array?
how to define index in angular material table
Error installing Python Image Library using pip on Mac OS X 10.9
Convert ConfigParser.items('') to dictionary