Using a password in a shell script

Partridge2562 · December 6, 2024, 1:54pm

I have a shell script that accesses a service using a password. What would be a better idea than copying the password from vaultwarden and pasting it in clear text in the script?

The host has docker for vaultwarden so is docker secrets a possibility?

Encrypting the password with openssl into a file and putting the decryption key in clear text in the script is an idea found by googling.

Can vaultwarden encrypted json export a single entry and can a script decrypt the json file?

vermi · December 10, 2024, 7:27pm

I recommend Hashicorp Vault for this use case. Scriptable, secure, OS/Free software.

BlackDex · December 10, 2024, 8:53pm

Or use the Bitwarden CLI either the cli it self, or via the serve command.

Partridge2562 · December 13, 2024, 1:14am

I ended up using Bitwarden CLI which works flawlessly with vaultwarden. I created a new user & vault exclusively for scripting secrets to limit the attack surface.

Hashicorp Vault seems really great but the learning curve is more than I can handle.

Thanks for the tips!

Topic		Replies	Views
Access passwords using python Help	4	802	December 21, 2023
CLI doesn't seem to work Help	16	4930	July 9, 2021
Importing encrypted json to org vault not working	1	346	July 10, 2023
Getting password data from a vaultwarden install when the web interface isn't working Help	3	603	December 13, 2022
API basics - how to pull a password Help	7	6357	October 7, 2024

Using a password in a shell script

Related topics