getpass - Linux


getpass is a command-line utility used to securely read a password from the standard input without echoing it to the screen. It is designed for scenarios where you need to obtain a password without revealing it during entry, such as when automating password-protected operations or interacting with programs that require user credentials.


getpass [options] prompt


  • -d or –default: Specifies a default password to be used if the user does not provide one.
  • -e or –echo: Prints the entered password as it is typed. This is primarily used for debugging purposes and should generally be avoided for security reasons.
  • -s or –silent: Suppresses the display of the prompt and any error messages.


  • To prompt the user for a password and read it without echoing:
password=$(getpass "Enter password:")
  • To use a default password if the user does not provide one:
getpass -d "default_password" "Enter password (default 'default_password'):"
  • To echo the password as it is typed for debugging:
getpass -e "Enter password:"

Common Issues

  • Empty Password: If the user enters an empty password, the command will return an empty string.
  • Echoing Password: Using the -e or --echo flag can compromise security, as the password will be visible during input.
  • User Authentication: The command does not perform any user authentication or validation. It simply reads the password from the input and returns it.


getpass can be integrated with other commands to automate tasks and enhance security:

  • Secure File Transfer: Combine with commands like scp and rsync to transfer files without exposing passwords.
  • Cron Jobs: Use getpass to securely store passwords for automated scripts that need to access password-protected resources.
  • Command Pipelines: Pipe the output of getpass into other commands to avoid hardcoding passwords, for example:
echo "$(getpass "Enter password:")" | ssh user@host

Related Commands

  • read: Reads a line of text from the standard input.
  • expect: A tool for automating interactive applications, including password input.
  • secret: A command-line tool for safely storing and retrieving secrets, including passwords.