How to Avoid Passwords in Power Manager Scripts

Last time we talked about managing Macs with Power Manager's pmctl command line tool. I am going to explain how pmctl supports Mac OS X's Keychain and how you can avoid needing to enter your name and password each time you connect to a remote Mac.

This recipe is for Power Manager 4; for the latest version, please see Scripting without Passwords.

Last time we talked about managing Macs with Power Manager’s pmctl command line tool. I am going to explain how pmctl supports Mac OS X’s Keychain and how you can avoid needing to enter your name and password each time you connect to a remote Mac.

pmctl creates a secure connection to the remote Mac. To set up this connection you are typically asked for a user name and password; this name and password pair is referred to as your credentials.

Let’s look at the a typical sequence for a command asking for Power Manager’s build.version:

./pmctl -u pm://Mac-Pro.local:8765 build.version
Login:gcm
Password: (typed characters are hidden)
"uk.co.dssw.powermanager.pmd v4.0.2"

Connect to a Mac using Power Manager pmctl

The two lines, Login: and Password:, can be avoided if you use Mac OS X’s Keychain to securely store these credentials.

pmctl first looks for suitable credentials in your Keychain. If found, the Keychain supplied credentials will be used to connect. This lets you avoid entering your details each and every time you connect. Even more useful is that with pmctl supporting the Keychain, you can write shell scripts and tools that do not need to hardcode your credentials.

For pmctl to find suitable credentials in the Keychain, you must provide your credentials once along with the associated URL.

Once set up, the sequence we looked at early will be reduced to the following:

./pmctl -u pm://Mac-Pro.local:8765 build.version
"uk.co.dssw.powermanager.pmd v4.0.2"

Set up Keychain support with a single command to pmctl

The two steps asking for the Login and Password are no longer required thanks to the Keychain.

How to Create a Keychain Password Item for pmctl

  1. Launch the Terminal.app: Applications > Utilities > Terminal.app

  2. Change directory to the Power Manager tools folder using the following command:

    cd '/Library/Application Support/Power Manager/Tools'
    
  3. Ask pmctl to create a Keychain password item for a URL using the following command:

    ./pmctl -k pm://Mac-Pro.local:8765
    

    Using Keychain speeds up connecting with Power Manager pmctl

    You will next be asked for your user name and password. These credentials will be used to create a Keychain password item associated with the provided URL. In this case the URL is pm://Mac-Pro.local:8765.

    You can repeat this command with as many different URLs as needed.