package password

import "github.com/purpleidea/mgmt/util/password"

Package password has some utility functions for dealing with misc passwords. XXX: Please note, the "github.com/tredoe/osutil/user/crypt/sha512_crypt" dependency is slightly suspicious and we should investigate it further to make sure there are no supply chain issues with it.

Index

Examples

Constants

const (
	// StdPrompt is the usual text that we would use to ask for a password.
	StdPrompt = "Password: "
)

Functions

func ReadPassword

func ReadPassword() ([]byte, error)

ReadPassword reads a password from stdin and returns the result. It hides the display of the password typed. For more options try ReadPasswordCtxFdPrompt instead. If interrupted by an uncaught signal during read, then this can bork your terminal. It's best to use a version with a context instead.

func ReadPasswordCtx

func ReadPasswordCtx(ctx context.Context) ([]byte, error)

ReadPasswordCtx reads a password from stdin and returns the result. It hides the display of the password typed. It cancels reading when the context closes. For more options try ReadPasswordCtxFdPrompt instead. If interrupted by an uncaught signal during read, then this can bork your terminal.

Example

Code:

{
	// Put this in a main function and it will not have the ioctl error!
	fmt.Println("hello")
	defer fmt.Println("exiting...")

	wg := &sync.WaitGroup{}
	defer wg.Wait()

	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
	defer cancel()

	// If we exit without getting a chance to reset the terminal, it might
	// be borked!
	ch := make(chan os.Signal, 1+1) // must have buffer for max number of signals
	signal.Notify(ch, syscall.SIGTERM, os.Interrupt)
	wg.Add(1)
	go func() {
		defer wg.Done()
		select {
		case <-ch:
			cancel()
		case <-ctx.Done():
		}
	}()

	password, err := ReadPasswordCtx(ctx)
	if err != nil {
		fmt.Printf("error: %+v\n", err)
		return
	}

	fmt.Printf("password is: %s\n", string(password))

	// Output: hello
	// error: inappropriate ioctl for device
	// exiting...
}

Output:

hello
error: inappropriate ioctl for device
exiting...

func ReadPasswordCtxFdPrompt

func ReadPasswordCtxFdPrompt(ctx context.Context, fd int, prompt string) ([]byte, error)

ReadPasswordCtxFdPrompt reads a password from the file descriptor and returns the result. It hides the display of the password typed. It cancels reading when the context closes. If specified, it will prompt the user with the prompt message. If interrupted by an uncaught signal during read, then this can bork your terminal.

func ReadPasswordCtxPrompt

func ReadPasswordCtxPrompt(ctx context.Context, prompt string) ([]byte, error)

ReadPasswordCtxPrompt reads a password stdin and returns the result. It hides the display of the password typed. It cancels reading when the context closes. If specified, it will prompt the user with the prompt message. If interrupted by an uncaught signal during read, then this can bork your terminal.

func SaltedSHA512Password

func SaltedSHA512Password(password []byte) (string, error)

SaltedSHA512Password is meant to generate Ulrich Drepper's salted SHA512 unix crypt password hash as seen at https://www.akkadia.org/drepper/SHA-crypt.txt and used for /etc/shadow and anaconda kickstart files. Please read the following disclaimer carefully before using this: XXX: I have no idea if I am doing this correctly, and I have no idea if the library I am using is doing this correctly. Please check! Also: https://github.com/golang/go/issues/21865

Source Files

password.go

Version
v0.0.0-20250322185616-c50a578426f1 (latest)
Published
Mar 22, 2025
Platform
linux/amd64
Imports
12 packages
Last checked
4 days ago

Tools for package owners.