📅 Original date posted:2013-05-07
📝 Original message:BTW, Adam, I suspect you might be using the console in the GUI, and that might be
under Windows for all I know, but I usually do it this way on the command line
under Linux:
echo -n "Password: ";bitcoind walletpassphrase `stty -echo;read p;echo $p;stty echo` 60; echo
This uses the JSON API to unlock the wallet (for 60 seconds; which is the "60"
at the end), and should work for either the GUI (if you start it with the
-server flag) or the headless bitcoind. It keeps the password that you type
off the console, and also keeps it out of the history file. The only issue
with it is that it will show up in the process tree as an argument of the
command for the period of time that the JSON API is being prepared and sent,
which should be fairly short. This might be a concern if you are on a
multi-user system (you probably shouldn't be doing this anyway), or
worry that spyware might be monitoring for passwords (though if you are
worried about spyware, you should already be concerned about keyloggers,
so...) I doubt this will work (without significant modifications) on
Windows without Cygwin, though.
-Craig
On Tue, May 07, 2013 at 02:16:41PM +0200, Adam Back wrote:
> Hi
>
> Three minor security/other issues:
>
> 1. please a way to unlock the wallet without displaying wallet password in
> console screen (console unlock wallet, to import priv key); or
Craig B Agricola [ARCHIVE] /
npub1lj…skq2a
2023-06-07 14:56:41
in reply to nevent1q…zvvx
Author Public Key
npub1lj56q7c5d4dwq00say35ts92hmn8pe0lh2jj5c23dph236ev0dcsyskq2aPublished at
2023-06-07 14:56:41Event JSON
{
"id": "051ec20f576d792db9c60faafdac5ce7e082ebb0534d40bb7ab697d28c637fa9",
"pubkey": "fca9a07b146d5ae03df0e92345c0aabee670e5ffbaa52a6151686ea8eb2c7b71",
"created_at": 1686149801,
"kind": 1,
"tags": [
[
"e",
"dceb090145c2ebd6073f9959fd803b8d5d0477c98fddd9498ee25b7a2df1f0c3",
"",
"root"
],
[
"e",
"4a87e39087f169d40179cd9cbefe7f92ce73c600628fe3e7a4d411daac6eb740",
"",
"reply"
],
[
"p",
"ee0fa66772f633411e4432e251cfb15b1c0fe8cd8befd8b0d86eb302402a8b4a"
]
],
"content": "📅 Original date posted:2013-05-07\n📝 Original message:BTW, Adam, I suspect you might be using the console in the GUI, and that might be\nunder Windows for all I know, but I usually do it this way on the command line\nunder Linux:\n\necho -n \"Password: \";bitcoind walletpassphrase `stty -echo;read p;echo $p;stty echo` 60; echo\n\nThis uses the JSON API to unlock the wallet (for 60 seconds; which is the \"60\"\nat the end), and should work for either the GUI (if you start it with the\n-server flag) or the headless bitcoind. It keeps the password that you type\noff the console, and also keeps it out of the history file. The only issue\nwith it is that it will show up in the process tree as an argument of the\ncommand for the period of time that the JSON API is being prepared and sent,\nwhich should be fairly short. This might be a concern if you are on a\nmulti-user system (you probably shouldn't be doing this anyway), or\nworry that spyware might be monitoring for passwords (though if you are\nworried about spyware, you should already be concerned about keyloggers,\nso...) I doubt this will work (without significant modifications) on\nWindows without Cygwin, though.\n\n -Craig\n\nOn Tue, May 07, 2013 at 02:16:41PM +0200, Adam Back wrote:\n\u003e Hi\n\u003e \n\u003e Three minor security/other issues:\n\u003e \n\u003e 1. please a way to unlock the wallet without displaying wallet password in\n\u003e console screen (console unlock wallet, to import priv key); or",
"sig": "13f5c36837386fb110f80cee360cfc8e2e46280b7179e36885247787c043f0669694ac8a99c182403d4a23c909b9302bc2ff497d7a9202ef976a5eb54c810a0d"
}