Hide Forgot
Description of problem: You need to provide a password unto the cmdline when using the katello cmdline tool eg: # katello -u user -p cleartextpassword org list Not providing the password should query for it in a secure manner, so you don't end up with passwords in .bash_history and other places. Version-Release number of selected component (if applicable): 1.4.8-1.git.4.c940d43.el6 How reproducible: N/A Steps to Reproduce: N/A Actual results: The katello cmdline tool requires you to pass your password in cleartext at least once when using it. Expected results: There should be a query for my user and/or password, if they are missing. # katello org list Enter username: myuser Enter password: --------------------------- Organization List ID Name Label Description --------------------------- 1 ACME_Corporation ACME_Corporation ACME_Corporation Organization # # katello -u myuser org list Enter password: --------------------------- Organization List ID Name Label Description --------------------------- 1 ACME_Corporation ACME_Corporation ACME_Corporation Organization # Additional info: Not fixed, this is a fairly serious security risk.
moving to our downstream product to include this. Our CLI is undergoing a lot of work and this may be included
*** This bug has been marked as a duplicate of bug 958115 ***