diff --git a/ipmitool/configure.in b/ipmitool/configure.in index 94d5c0f..6cbc806 100644 --- a/ipmitool/configure.in +++ b/ipmitool/configure.in @@ -50,6 +50,7 @@ AC_FUNC_STAT AC_FUNC_STRTOD AC_CHECK_FUNCS([alarm gethostbyname socket select]) AC_CHECK_FUNCS([memmove memset strchr strdup strerror]) +AC_CHECK_FUNCS([getpassphrase]) dnl check for byteswap functionality AC_CHECK_HEADERS([sys/byteorder.h byteswap.h]) diff --git a/ipmitool/doc/ipmitool.1 b/ipmitool/doc/ipmitool.1 index a5ff8c7..7a8263b 100644 --- a/ipmitool/doc/ipmitool.1 +++ b/ipmitool/doc/ipmitool.1 @@ -4,7 +4,7 @@ ipmitool \- utility for controlling IPMI-enabled devices .SH "SYNTAX" .LP -ipmitool [\fB\-ghcvV\fR] \fB\-I\fR \fIlan\fP \fB\-H\fR \fIhostname\fP [\fB\-P\fR \fIpassword\fP] <\fIexpression\fP> +ipmitool [\fB\-ghcvV\fR] \fB\-I\fR \fIlan\fP \fB\-H\fR \fIhostname\fP [\fB\-a\fR|\fB\-E\fR|\fB\-P\fR \fIpassword\fP] <\fIexpression\fP> .br ipmitool [\fB\-ghcvV\fR] \fB\-I\fR \fIopen\fP <\fIexpression\fP> .SH "DESCRIPTION" @@ -34,11 +34,17 @@ Selects IPMI interface to use. Possible interfaces are \fIlan\fP or \fIopen\fP. \fB\-H\fR <\fIaddress\fP> Remote server address, can be IP address or hostname. This option is required for the LAN interface connection. .TP -\fB\-P\fR <\fIpassword\fP> -Remote server password, 16 character maximum. This is optional for the LAN interface, if it is not provided the session will not be authenticated. -.TP \fB\-U\fR <\fIusername\fP> Remote username, default is NULL user. +.TP +\fB\-a\fR +Promt for the remote server password, 16 character maximum. This is optional for the LAN interface, if a password is not provided the session will not be authenticated. +.TP +\fB\-E\fR +The remote server password is specified by the environment variable \fBIPMITOOL_PASSWORD\fR. This option is intended for shell scripts. +.TP +\fB\-P\fR <\fIpassword\fP> +Remote server password. \fBNote!\fR Specifying the password as a commandline option is not recommended since it will be visible in the process list. .SH "EXPRESSIONS" .LP .TP diff --git a/ipmitool/src/ipmitool.c b/ipmitool/src/ipmitool.c index bbee7c5..2f6c775 100644 --- a/ipmitool/src/ipmitool.c +++ b/ipmitool/src/ipmitool.c @@ -76,7 +76,10 @@ void usage(void) printf(" -g Attempt to be extra robust in LAN communications\n"); printf(" -H hostname Remote host name for LAN interface\n"); printf(" -p port Remote RMCP port (default is 623)\n"); - printf(" -P password Remote administrator password\n"); + printf(" -U username Remote username\n"); + printf(" -a Prompt for remote password\n"); + printf(" -E Read remote password from environment\n"); + printf(" -P password Remote password\n"); printf(" -I intf Inteface to use\n"); printf("\n\n"); @@ -255,14 +258,14 @@ int main(int argc, char ** argv) { int (*submain)(struct ipmi_intf *, int, char **); struct ipmi_intf * intf = NULL; - char * hostname = NULL, * password = NULL, * username = NULL; + char * hostname = NULL, * password = NULL, * username = NULL, * tmp; int argflag, i, rc=0, port = 623, pedantic = 0; char intfname[32]; if (ipmi_intf_init() < 0) exit(EXIT_FAILURE); - while ((argflag = getopt(argc, (char **)argv, "hVvcgI:H:P:U:p:")) != -1) + while ((argflag = getopt(argc, (char **)argv, "hVvcgEaI:H:P:U:p:")) != -1) { switch (argflag) { case 'h': @@ -294,6 +297,9 @@ int main(int argc, char ** argv) hostname = strdup(optarg); break; case 'P': + if (password) + free (password); + password = strdup(optarg); /* Prevent password snooping with ps */ @@ -301,6 +307,31 @@ int main(int argc, char ** argv) memset (optarg, 'X', i); break; + + case 'E': + if ((tmp = getenv ("IPMITOOL_PASSWORD"))) + { + if (password) + free (password); + + password = strdup (tmp); + } + break; + + case 'a': +#ifdef HAVE_GETPASSPHRASE + if ((tmp = getpassphrase ("Password: "))) +#else + if ((tmp = getpass ("Password: "))) +#endif + { + if (password) + free (password); + + password = strdup (tmp); + } + break; + case 'U': username = strdup(optarg); break;