From a30b27bb40a309ad00e2bba868b8aac90e60e0e1 Mon Sep 17 00:00:00 2001
From: Kim Oliver Drechsel <kim@drechsel.xyz>
Date: Tue, 14 Mar 2023 12:34:52 +0100
Subject: [PATCH] Hide password in userdata parser

Replace password in log output with asterisks
Fixes #362

## Results:
Before: `[bash] Parsing user data: "user:abc!123:3000:4000:/user/home"`
After: `[bash] Parsing user data: "user:******:3000:4000:/user/home"`
---
 files/create-sftp-user | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/files/create-sftp-user b/files/create-sftp-user
index 47b362d4..07daea74 100755
--- a/files/create-sftp-user
+++ b/files/create-sftp-user
@@ -29,7 +29,8 @@ function validateArg() {
     fi
 }
 
-log "Parsing user data: \"$1\""
+# Replace password in log output with asterisks
+log "Parsing user data: \"$(echo "$1" | cut -d: -f1,3- | sed -e '1,/:/{s/:/:******:/}')\""
 IFS=':' read -ra args <<< "$1"
 
 skipIndex=0