You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Merge #10997: RPC: Add option -stdinrpcpass to bitcoin-cli to allow RPC password to be read from standard input
79191f5 Add option -stdinrpcpass to allow RPC password to be read from standard input (Joe Harvell)
Pull request description:
Add a new command-line option to bitcoin-cli that allows the RPC password to be read from standard intput. The purpose of this option is to allow secure RPC password input to bitcoin-cli through an external program that is capable of disabling terminal echo.
This option works similarly to the existing -stdin option, and also works when combined with that option.
I have also written a simple ncurses based program that disables echo, gets input from the terminal and writes to standard output. I couldn't find an existing askpass program that doesn't require graphics libraries, since they are primarily used for getting passwords in a graphics environment. Unless someone can point out a suitable existing askpass program, I plan to submit my ncurses program to the contrib directory separately from this pull request.
Tree-SHA512: 6d426d757de325d928fab42ea8e423273a7dea9f838acb745ccf9f9daa2b47e23044ec1c019cda1a081253f5145fc10f79ae82dfe7f8e952e1f271ec56018e14
Copy file name to clipboardExpand all lines: src/bitcoin-cli.cpp
+10-3Lines changed: 10 additions & 3 deletions
Original file line number
Diff line number
Diff line change
@@ -45,7 +45,8 @@ std::string HelpMessageCli()
45
45
strUsage += HelpMessageOpt("-rpcuser=<user>", _("Username for JSON-RPC connections"));
46
46
strUsage += HelpMessageOpt("-rpcpassword=<pw>", _("Password for JSON-RPC connections"));
47
47
strUsage += HelpMessageOpt("-rpcclienttimeout=<n>", strprintf(_("Timeout in seconds during HTTP requests, or 0 for no timeout. (default: %d)"), DEFAULT_HTTP_CLIENT_TIMEOUT));
48
-
strUsage += HelpMessageOpt("-stdin", _("Read extra arguments from standard input, one per line until EOF/Ctrl-D (recommended for sensitive information such as passphrases)"));
48
+
strUsage += HelpMessageOpt("-stdinrpcpass", strprintf(_("Read RPC password from standard input as a single line. When combined with -stdin, the first line from standard input is used for the RPC password.")));
49
+
strUsage += HelpMessageOpt("-stdin", _("Read extra arguments from standard input, one per line until EOF/Ctrl-D (recommended for sensitive information such as passphrases). When combined with -stdinrpcpass, the first line from standard input is used for the RPC password."));
49
50
strUsage += HelpMessageOpt("-rpcwallet=<walletname>", _("Send RPC for non-default wallet on RPC server (argument is wallet filename in bitcoind directory, required if bitcoind/-Qt runs with multiple wallets)"));
// Try fall back to cookie-based authentication if no password is provided
223
224
if (!GetAuthCookie(&strRPCUserColonPass)) {
224
225
throwstd::runtime_error(strprintf(
225
-
_("Could not locate RPC credentials. No authentication cookie could be found, and no rpcpassword is set in the configuration file (%s)"),
226
+
_("Could not locate RPC credentials. No authentication cookie could be found, and RPC password is not set. See -rpcpassword and -stdinrpcpass. Configuration file: (%s)"),
0 commit comments