💾 Archived View for thrig.me › tech › sed.gmi captured on 2023-09-08 at 16:58:32. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-04-19)

-=-=-=-=-=-=-

Silent Ed, Hidden Dragon


    < begriffs> Yeah, I've set up some auto joining in there, but for
                those impromptu times when I'm visiting somewhere, it's
                nice to be able to join without popping hostname.iwn0
                open in a text editor to add an entry, and thereby
                displaying it in plaintext to the world
    < thrig> turn off tty echo and use ed
    < begriffs> next level
    < thrig> the vi level boss fight is pretty tough
    < begriffs> I can manage vi's ex mode, but I don't know how to
                disable tty echo. How do you do that?









ASR 33

A terminal will echo, except when it does not. Does not, hopefully, when a password is being requested, or is the default in productivity applications such as rogue or nethack. Something like a noecho() call usually has been made, though one need not use curses.

    $ man -k terminal | grep opt
    stty(1) - set the options for a terminal device interface
    Curses(3, 3p) - terminal screen handling and optimization
    $ man 1 stty | grep -1 echo | sed 2q
         echo (-echo)
                 Echo back (do not echo back) every character typed.

One may conclude that this approach is not viable via the test

    $ stty -echo
    $ echo echo
    echo
    $ stty echo

which clearly shows -echo not working as advertised. Or maybe it will?

This really depends on the shell, and what exactly it does prior to printing the prompt. Depending on the shell (and how you have configured it) this could be quite a lot of code, and maybe something runs to set the tty back to a known state after each command. One may try an alternative shell, especially an older one with fewer features, such as the Heirloom Bourne Shell:

https://heirloom.sourceforge.net/sh.html

I'll leave obtaining and compiling that as an exercise for the reader. Assuming heirloom-sh is available as hsh,

    $ hsh
    $ stty -echo
    $
    $ $ stty echo
    $

Not shown, because the commands were not echo'd, were "echo echo" and then "exit" to escape from the legacy that is the Heirloom Bourne Shell.

It may be good to write down or memorize "stty echo" or to know that "control+j reset control+j" may be of service, though in these indolent days it is probably easier just to close or kill a problematic shell.

Anyways, ancient old shells such as the Heirloom Bourne Shell (or maybe one that you wrote yourself) do not molest the tty settings between commands, for better or worse. Modern shells tend to, though may vary in exactly how much is reset, as one may learn if one develops a program that uses curses, or one that does molest the terminal state.

All is not lost, for multiple commands can be issued at once (this is back in the regular shell, which here is ksh as found in OpenBSD 7.2):

    $ stty -echo; stty | grep echo
    lflags: -iexten -echo echoe echok echoke echoctl pendin

This shows that echo is disabled. And it may still be, if you (or your shell) haven't been diligent at turning it back on again:

    $ stty | grep echo
    lflags: -iexten -echo echoe echok echoke echoctl pendin
    $ stty echo
    $ stty | grep echo
    lflags: -iexten echoe echok echoke echoctl pendin

Isn't hidden mutable state great?

Now we may have the idea that we can run

    $ stty -echo; ...; stty echo

to disable echo, run some command, and with a primitive UNWIND-PROTECT turn echo back on again. This command pattern is also useful for, say, a firewall rule change where one does not wish to be locked out of the system, or at least not locked out for too long:

    $ update-firewall; sleep 30; rollback-firewall

Back to echo.

    $ cat
    meow
    meow
    ^C
    $ stty -echo; cat; stty echo
    meow

    $ 

Here we see that cat(1) may suffice to edit a file without the edit being seen, though for cat > hostname.iwn0 or such one would need to type out the entire file, without error. If there is only one line, and that one line is a password, then cat and pasting the the password from the clipboard may suffice. Also control+d is probably a better way to signal the end of the cat than control+c.

Enter the Dragon

More complicated editors such as the ex that begriffs mentioned somewhere above may reset or possibly ignore the tty settings:

    $ stty -echo; ex; stty echo
    /tmp/vi.5mXGfxxXYK: new file: line 1
    :!stty | grep echo
    lflags: echoe echok echoke echoctl
    !
    :quit

See? ex turned echo back on. Hidden, mutable state.

As one can fall back to a Heirloom Bourne Shell, one can also fall back to an older and less complicated editor, ed. How to use ed I will not cover here; one way to stay sharp is

    $ grep editor ~/.gitconfig
      editor = ed

but this may be a level too far for most. Merges are pretty fun. Anyways, for an edit of hostname.iwn0 or some other file, one must have a mental picture of the file (or however your brain works, for me it's a picture), line to edit, and the manipulations involved. Opening the file to look at it is right out, as then someone (or something) might see (or, worse, record) the password, defeating the whole point of this perhaps pointless exercise.

A test file to practice on would be good.

    nwid FeralGoblinDehab wpa wpakey Gandalf1

So the picture here is to find wpakey and edit the next word, or maybe to find ^nwid and then edit the last word, both of which may have problems. Another approach would be to write the line with a unique token to replace, then to use the blind edit to replace the known unique token.

    nwid FeralGoblinDehab wpa wpakey XXX

Let's see how this works out...

    $ cat file
    nwid FeralGoblinDehab wpa wpakey XXX
    $ stty -echo; ed file; stty echo
    37
    nwid FeralGoblinDehab wpa wpakey XXX

That's no good, I did a /wpakey search, which was not echo'd, but ed helpfully printed the result. That is not what we want.

    $ stty -echo; ed file >/dev/null; stty echo
    $ cat file
    nwid FeralGoblinDehab wpa wpakey test

Excellent. Here, the ed commands given, from memory, are

    /wpakey
    s/XXX/test
    w
    q

Obviously one will have no idea what actually happened to the file without looking. This method can edit a file without the process being seen but in most cases is not practical, simply because of the risk of typos.

Wherein a More Sane Alternative is Considered

Write a small script or program that prompts for a wifi password and then carries out whatever obscure file edits and network management commands need be done. No, I do not like GUI for this; they far too often pick the wrong wireless network, or take longer to load and run than a CLI program. Worse, they may nag you with popups. YMMV.

On the other hand, I do have a GUI program--xembiggen--designed to show wifi passwords in as large a font as possible. But in that case the coffee shop password is already well known, and it's easier to show than tell.

vi(1)

On a somewhat related note, the vi(1) command "z" has a now weird option to limit the number of lines, perhaps useful in the low baud days when refreshing an excessive amount of text--more than a few hundred characters, say--would take too long. These days, the z1. sequence might at least be used to prank a user so foolish enough to leave their screen unlocked whilst they step away.

    [count1] z [count2] type
            Redraw, optionally repositioning and resizing the
            screen. If count2 is specified, limit the screen
            size to count2 lines.

Anyways, this got me to wondering (a few pages above here, but only shown now--another hidden, mutable state--whether one can turn off echo once one is already in vi or ex or whatever.

    $ ex
    /tmp/vi.aYsEH2zt6T: new file: line 1
    :!stty -echo
    !
    :speed 115200 baud;
    lflags: -echo echoe echok echoke echoctl
    iflags: -ixany ignpar
    oflags: -oxtabs
    cflags: cs8 -parenb
    eol2    status
    ^@      ^T
    !
    :!
    :quit

That's a yes, if your version of ex does not fiddle with the tty. More advanced (visual) editors such as vi likely do fiddle with the tty, so this will doubtless not work there, unless one were to write a plugin for said editor that does not show certain lines or certain portions of certain lines. But that would be more work.

That last idea lead to fillpass.c which can be found over in my scripts repository.

https://thrig.me/src/scripts.git

Back to tech index

tags #ed #ex #terminal