sub text_to_shell_lit(_) {
return $_[0] if $_[0] =~ /^[a-zA-Z0-9_\-]+\z/;
my $s = $_[0];
$s =~ s/'/'\\''/g;
return "'$s'";
}
my $user = 'bob';
my $passwd = 'test$ing';
my $echo_cmd = join ' ', map text_to_shell_lit,
echo => $passwd;
my $passwd_cmd = join ' ', map text_to_shell_lit,
passwd => '--', $user;
my $ssh_cmd = join ' ', map text_to_shell_lit,
ssh => 'hostname', "$echo_cmd | $passwd_cmd";
ssh hostname 'echo '\''test$ing'\'' | passwd -- bob'
Note that command lines are readable by anyone on the machine. It is not safe to pass passwords in command lines. Yet another reason why opening a pipe to ssh is better. |