nmc_terminal_erase_line ();
success = get_secrets_from_user (request_id, title, msg, nmc->in_editor || nmc->ask,
- FALSE, nmc->pwds_hash, secrets);
+ nmc->show_secrets, nmc->pwds_hash, secrets);
if (success)
nm_secret_agent_simple_response (agent, request_id, secrets);
else {
g_printerr (_("Usage: nmcli connection { COMMAND | help }\n\n"
"COMMAND := { show | up | down | add | modify | edit | delete | monitor | reload | load }\n\n"
" show [--active] [--order <order spec>]\n"
- " show [--active] [--show-secrets] [id | uuid | path | apath] <ID> ...\n\n"
+ " show [--active] [id | uuid | path | apath] <ID> ...\n\n"
" up [[id | uuid | path] <ID>] [ifname <ifname>] [ap <BSSID>] [passwd-file <file with passwords>]\n\n"
" down [id | uuid | path | apath] <ID> ...\n\n"
" add COMMON_OPTIONS TYPE_SPECIFIC_OPTIONS SLAVE_OPTIONS IP_OPTIONS [-- ([+|-]<setting>.<property> <value>)+]\n\n"
"profiles are listed. When --active option is specified, only the active\n"
"profiles are shown. --order allows custom connection ordering (see manual page).\n"
"\n"
- "ARGUMENTS := [--active] [--show-secrets] [id | uuid | path | apath] <ID> ...\n"
+ "ARGUMENTS := [--active] [id | uuid | path | apath] <ID> ...\n"
"\n"
"Show details for specified connections. By default, both static configuration\n"
"and active connection data are displayed. It is possible to filter the output\n"
"using global '--fields' option. Refer to the manual page for more information.\n"
"When --active option is specified, only the active profiles are taken into\n"
- "account. --show-secrets option will reveal associated secrets as well.\n"));
+ "account. Use global --show-secrets option to reveal associated secrets as well.\n"));
}
static void
active = TRUE;
next_arg (&argc, &argv);
}
+ /* --show-secrets is deprecated in favour of global --show-secrets */
+ /* Keep it here for backwards compatibility */
if (!show_secrets && nmc_arg_is_option (*argv, "show-secrets")) {
show_secrets = TRUE;
next_arg (&argc, &argv);
next_arg (&argc, &argv);
}
}
+ show_secrets = nmc->show_secrets || show_secrets;
nmc->return_value = do_connections_show (nmc, active, show_secrets, order, argc, argv);
if (order)
g_array_unref (order);
" wifi [list [ifname <ifname>] [bssid <BSSID>]]\n\n"
" wifi connect <(B)SSID> [password <password>] [wep-key-type key|phrase] [ifname <ifname>]\n"
" [bssid <BSSID>] [name <name>] [private yes|no] [hidden yes|no]\n\n"
- " wifi hotspot [ifname <ifname>] [con-name <name>] [ssid <SSID>] [band a|bg] [channel <channel>]\n\n"
- " [password <password>] [--show-password]\n\n"
+ " wifi hotspot [ifname <ifname>] [con-name <name>] [ssid <SSID>] [band a|bg] [channel <channel>] [password <password>]\n\n"
" wifi rescan [ifname <ifname>] [[ssid <SSID to scan>] ...]\n\n"
" lldp [list [ifname <ifname>]]\n\n"
));
"\n"
"ARGUMENTS := wifi hotspot [ifname <ifname>] [con-name <name>] [ssid <SSID>]\n"
" [band a|bg] [channel <channel>] [password <password>]\n"
- " [--show-password]\n"
"\n"
"Create a Wi-Fi hotspot. Use 'connection down' or 'device disconnect'\n"
"to stop the hotspot.\n"
"band - Wi-Fi band to use\n"
"channel - Wi-Fi channel to use\n"
"password - password to use for the hotspot\n"
- "--show-password - tell nmcli to print password to stdout\n"
"\n"
"ARGUMENTS := rescan [ifname <ifname>] [[ssid <SSID to scan>] ...]\n"
"\n"
goto error;
}
password = *argv;
+ /* --show-password is deprecated in favour of global --show-secrets option */
+ /* Keep it here for backwards compatibility */
} else if (nmc_arg_is_option (*argv, "show-password")) {
show_password = TRUE;
} else {
argc--;
argv++;
}
+ show_password = nmc->show_secrets || show_password;
/* Verify band and channel parameters */
if (!channel) {
ask)
_nmcli_array_delete_at words 0
;;
+ show-secrets)
+ _nmcli_array_delete_at words 0
+ ;;
order)
if [[ "${#words[@]}" -eq 2 ]]; then
local ord="${words[1]}"
fi
_nmcli_array_delete_at words 0 1
;;
- show-secrets)
- _nmcli_array_delete_at words 0
- ;;
active)
_nmcli_array_delete_at words 0
;;
hairpin| \
save| \
hidden| \
- private| \
- show-password)
+ private)
if [[ "${#words[@]}" -eq 2 ]]; then
_nmcli_list "yes no"
return 0
local COMMAND_CONNECTION_ACTIVE=""
HELP_ONLY_AS_FIRST=
- local LONG_OPTIONS=(terse pretty mode fields colors escape nocheck ask wait version help)
+ local LONG_OPTIONS=(terse pretty mode fields colors escape nocheck ask show-secrets wait version help)
_nmcli_compl_OPTIONS
i=$?
case "$command" in
s|sh|sho|show)
if [[ ${#words[@]} -eq 3 ]]; then
- _nmcli_compl_COMMAND_nl "${words[2]}" "$(printf "id\nuuid\npath\napath\n%s" "$(_nmcli_con_show NAME)")" active show-secrets order
+ _nmcli_compl_COMMAND_nl "${words[2]}" "$(printf "id\nuuid\npath\napath\n%s" "$(_nmcli_con_show NAME)")" active order
elif [[ ${#words[@]} -gt 3 ]]; then
_nmcli_array_delete_at words 0 1
- LONG_OPTIONS=(help active show-secrets order)
+ LONG_OPTIONS=(help active order)
HELP_ONLY_AS_FIRST=1
_nmcli_compl_OPTIONS
i=$?
;;
h|ho|hot|hots|hotsp|hotspo|hotspot)
_nmcli_array_delete_at words 0 2
- OPTIONS=(ifname con-name ssid band channel password show-password)
+ OPTIONS=(ifname con-name ssid band channel password)
_nmcli_compl_ARGS
;;
r|re|res|resc|resca|rescan)
" -e[scape] yes|no escape columns separators in values\n"
" -n[ocheck] don't check nmcli and NetworkManager versions\n"
" -a[sk] ask for missing parameters\n"
+ " -s[how-secrets] allow displaying passwords\n"
" -w[ait] <seconds> set timeout waiting for finishing operations\n"
" -v[ersion] show program version\n"
" -h[elp] print this help\n"
nmc->nocheck_ver = TRUE;
} else if (matches (opt, "-ask") == 0) {
nmc->ask = TRUE;
+ } else if (matches (opt, "-show-secrets") == 0) {
+ nmc->show_secrets = TRUE;
} else if (matches (opt, "-wait") == 0) {
unsigned long timeout;
next_arg (&argc, &argv);
memset (&nmc->print_fields, '\0', sizeof (NmcPrintFields));
nmc->nocheck_ver = FALSE;
nmc->ask = FALSE;
+ nmc->show_secrets = FALSE;
nmc->use_colors = NMC_USE_COLOR_AUTO;
nmc->in_editor = FALSE;
nmc->editor_status_line = FALSE;
NmcPrintFields print_fields; /* Structure with field indices to print */
gboolean nocheck_ver; /* Don't check nmcli and NM versions: option '--nocheck' */
gboolean ask; /* Ask for missing parameters: option '--ask' */
+ gboolean show_secrets; /* Whether to display secrets (both input and output): option '--show-secrets' */
gboolean in_editor; /* Whether running the editor - nmcli con edit' */
gboolean editor_status_line; /* Whether to display status line in connection editor */
gboolean editor_save_confirmation; /* Whether to ask for confirmation on saving connections with 'autoconnect=yes' */
.br
\fB\-a\fR[\fIsk\fR]
.br
+\fB\-s\fR[\fIhow-secrets\fR]
+.br
\fB\-w\fR[\fIait\fR] <seconds>
.br
\fB\-v\fR[\fIersion\fR]
This option controls, for example, whether you will be prompted for a password
if it is required for connecting to a network.
.TP
+.B \-s, \-\-show-secrets
+When using this option \fInmcli\fP will display passwords and secrets that might
+be present in an output of an operation. This option also influences echoing
+passwords typed by user as an input.
+.TP
.B \-w, \-\-wait <seconds>
This option sets a timeout period for which \fInmcli\fP will wait for \fINetworkManager\fP
to finish operations. It is especially useful for commands that may take a longer time to
profiles are listed. When --active option is specified, only the active profiles
are shown.
.TP
-.B show [--active] [--order <order spec>] [--show-secrets] [ id | uuid | path | apath ] <ID> ...
+.B show [--active] [--order <order spec>] [ id | uuid | path | apath ] <ID> ...
.br
Show details for specified connections. By default, both static configuration
and active connection data are displayed. When --active option is specified,
-only the active profiles are taken into account. When --show-secrets option is
-specified, secrets associated with the profile will be revealed too.
+only the active profiles are taken into account. Use global --show-secrets option
+to display secrets associated with the profile.
.sp
Ordering:
.br
Otherwise the SSID would not be found and the connection attempt would fail.
.RE
.TP
-.B wifi hotspot [ifname <ifname>] [con-name <name>] [ssid <SSID>] [band a|bg] [channel <channel>]
-.B [password <password>] [--show-password]
+.B wifi hotspot [ifname <ifname>] [con-name <name>] [ssid <SSID>] [band a|bg] [channel <channel>] [password <password>]
.br
Create a Wi-Fi hotspot. The command creates a hotspot connection profile according to
Wi-Fi device capabilities and activates it on the device. The hotspot is secured with WPA
\(en password to use for the created hotspot. If not provided,
nmcli will generate a password. The password is either WPA
pre-shared key or WEP key.
-.IP \fI--show-password\fP 17
-\(en tell nmcli to print the password to stdout. It is useful
-when the user did not provide his own password.
+.PP
+Note that \fI--show-secrets\fP global option can be used to print the hotspot
+password. It is useful especially when the password was generated.
.RE
.TP
.B wifi rescan [ifname <ifname>] [[ssid <SSID>] ...]
.IP
shows details for "My default em1" connection profile.
-.IP "\fB\f(CWnmcli connection show --show-secrets \(dq\&My Home WiFi\(dq\&\fP\fP"
+.IP "\fB\f(CWnmcli --show-secrets connection show \(dq\&My Home WiFi\(dq\&\fP\fP"
.IP
shows details for "My Home WiFi" connection profile with all passwords.
Without \fI--show-secrets\fP option, secrets would not be displayed.
the first time. Next time, it is better to use 'nmcli con up id "My cafe"' so that the
existing connection profile can be used and no additional is created.
-.IP "\fB\f(CWnmcli dev wifi hotspot -s con-name QuickHotspot\fP\fP"
+.IP "\fB\f(CWnmcli -s dev wifi hotspot con-name QuickHotspot\fP\fP"
.IP
creates a hotspot profile and connects it. Prints the hotspot password the user should use
to connect to the hotspot from other devices.