Maven allows you to create and store encrypted passwords to use for automatic server authentication:
# Create an encrypted master password, to be stored in ~/.m2/settings-security.xml
$ mvn -emp foobar
# Create an encrypted password, to be used in ~/.m2/settings.xml
$ mvn -ep barfoo
While the above is quick and easy, the major drawback of it is that you must enter the password as part of the command. Things like your shell scroll back buffer or history might keep them in plaintext, exposing them to malicious eyes.
One way to avoid this security issue is to wrap password encryption in a small shell script which will prompt you to enter a password, and then pass it to maven, ho harmful echo or history involved. Here's an example:
## Encrypt your maven password without leaving any trace in the shell history
## Carlo Sciolla email@example.com
## v1 - 20131205
read -s -p "$OUT" PASS
mvn -ep "$PASS"
The key part in the above script is the
read invocation, which uses
-s to disable echo and
-p to set a custom prompt. The password will be temporarily stored in the
PASS variable, and then used by maven.
Here's a sample run of the above script: