Unable to type Github password when prompted

nam (Nam Nguyễn Hoàng) 2017-10-11 14:02:49 UTC #1

I am installing OpenMRR according to this document: https://wiki.openmrs.org/display/docs/OpenMRS+SDK+Step+By+Step+Tutorials
at the second step:
mvn openmrs-sdk:clone -DgroupId=org.openmrs.module -DartifactId=webservices.rest
when asked for GitHub credential, I was able to give my Username, but when prompted for password, the Command Prompt become unresponsive to all keyboard input except Enter, which prevent me from giving my password and continue. The full problem is as below:

mvn openmrs-sdk:clone -DgroupId=org.openmrs.module -DartifactId=webservices.rest
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building Maven Stub Project (No POM) 1
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- openmrs-sdk-maven-plugin:3.11.0:clone (default-cli) @ standalone-pom ---
[INFO] Configured Artifact: org.openmrs.module:webservices.rest:2.20.0:pom
[INFO] Copying webservices.rest-2.20.0.pom to C:\Users\ASUS-PC\pom\webservices.rest-2.20.0.pom
Please specify your GitHub username: Nam-Nguyen-Hoang
Please specify your GitHub password:
//Unable to type anything but Enter
Forking openmrs-module-webservices.rest from openmrs
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:02 h
[INFO] Finished at: 2017-10-11T20:57:44+07:00
[INFO] Final Memory: 20M/284M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.openmrs.maven.plugins:openmrs-sdk-maven-plugin:3.11.0:clone (default-cli) on project standalone-pom: Execution default-cli of goal org.openmrs.maven.plugins:openmrs-sdk-maven-plugin:3.11.0:clone failed: Failed to fork repository: cannot retry due to server authentication, in streaming mode -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginExecutionException

How to close a Maven server after debugging

jtatia (Jai Tatia) 2017-10-11 14:18:04 UTC #2

I think it's more of a "you can't see" than "you can't type". You need to enter your password, even if you can't see it. Otherwise you can try the approach of forking the module in github, and then cloning it.

nam (Nam Nguyễn Hoàng) 2017-10-11 15:00:26 UTC #3

Thank you for the help. The program work okay now.
Though I have to ask, why would anyone design it that way? You would have no indicator of whether it is because of malfunction or is it working at all!

mksd (Dimitri R) 2017-10-11 15:26:12 UTC #4

This is nothing to do with the OpenMRS SDK, this is just how Un*x shells are dealing with password prompts.
For example you should be prompted for your local user password exactly the same way when trying this:

sudo ls /

I actually never paid attention that there was a cloning function in the SDK, you could as well just clone with Git directly and no password will be prompted:

git clone https://github.com/openmrs/openmrs-module-webservices.rest

r0bby (Robby O'Connor) 2017-10-11 18:44:08 UTC #5

For security purposes (should have been obvious) you don't see your PW when you type.

nam (Nam Nguyễn Hoàng) 2017-10-12 00:36:02 UTC #6

Not really. If it is for security reason, you can mask the password as "*********" instead of nothing. That way you know if there is any problem other than not being able to see the password. But since this is not OpenMRS SDK problem, guess there is nothing to do about it.

ykarim250 (Yusuf Karim) 2017-10-12 00:40:27 UTC #7

It adds a bit more security. Someone who sees your screen won't be able to guess your password. For user experience purposes, I get your point though.

r0bby (Robby O'Connor) 2017-10-12 04:45:05 UTC #8

Security isn't about your convenience.

reubenv (Reuben Varghese) 2017-10-13 09:05:43 UTC #9

Basically adds security by not giving out the length of the password either( It becomes a lot easier for a hacker to crack your password once the length of the password is known, read about dictionary attacks)

nam (Nam Nguyễn Hoàng) 2017-10-13 09:08:25 UTC #10

Fair enough. Thanks for the support guys, I have learned a lot, @jtatia, @mksd, @ykarim250, @r0bby and @reubenv