MacOS – Automatically mount AFP for Time Machine (without saving a password in plaintext)

Tags: afp, macos, time-machine

I have a Linux box running Netatalk that I use to store Time Machine backups. My machine running OS X sees this as an AFP service and Time Machine is happy with this arrangement. The only issue is that I need to manually connect to the Linux machine. I can do this by pressing buttons in Finder or I can do this from a shell with a command that looks like this:

mount -t afp afp://user:password@domain.tld/location /Volumes/mntpnt

This lets me automate connecting to the server but now I have a password saved in a plaintext shell script. What's a better way to automate this? My goal is to automatically allow Time Machine to access the Linux Machine if it can be reached.

To automate something like this with SSH I would authenticate with a passwordless key. Is there a way to do that with AFP?

I also have the password in my OS X keychain and I'm not prompted for a password if I go through Finder to connect to the Linux machine. Is there a sensible way to use this from a shell script?

I can provide more info about the Netatalk setup if that helps but it seems like the issue is on the client side.

Best Answer

Here's how you can pull the password out of the Keychain in OS X.

pw=$(security find-internet-password -wl mntpt)

This presumes the item is stored in the keychain with the name "mntpt".

Then you should be able to use your script on the next line:

mount -t afp "afp://user:${pw}@domain.tld/location" /Volumes/mntpnt
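
The two commands above combined into one script, as an added example that is not part of the original answer: it skips quietly when the share is already mounted or the server is unreachable, and percent-encodes the password so characters such as `@`, `:` or `/` cannot break the AFP URL. The function names (`urlencode`, `afp_url`, `mount_tm_share`) are hypothetical, and it assumes the keychain item Finder saved can be found by server and account name (`-s`/`-a`) rather than by label.

```shell
#!/bin/sh
# Added example. SERVER, ACCOUNT, SHARE and MNT are placeholders taken from
# the question's sample command; adjust them to the real setup.
SERVER="domain.tld"; ACCOUNT="user"; SHARE="location"; MNT="/Volumes/mntpnt"

# Percent-encode everything outside the RFC 3986 unreserved set.
# Assumes an ASCII password; LC_ALL=C makes ${s#?} strip one byte at a time.
urlencode() (
    LC_ALL=C; s=$1; out=""
    while [ -n "$s" ]; do
        rest=${s#?}; c=${s%"$rest"}; s=$rest
        case $c in
            [A-Za-z0-9._~-]) out="$out$c" ;;
            *) out="$out$(printf '%%%02X' "'$c")" ;;
        esac
    done
    printf '%s' "$out"
)

# afp_url <account> <password> <server> <share>
afp_url() {
    printf 'afp://%s:%s@%s/%s' "$(urlencode "$1")" "$(urlencode "$2")" "$3" "$4"
}

mount_tm_share() {
    # Already mounted: nothing to do.
    mount | grep -q " on $MNT " && return 0
    # Server not answering on the AFP port (548): skip without error.
    nc -z -w 3 "$SERVER" 548 >/dev/null 2>&1 || return 0
    # -w prints only the password; a failed lookup aborts before mounting.
    pw=$(security find-internet-password -s "$SERVER" -a "$ACCOUNT" -w) || return 1
    [ -d "$MNT" ] || mkdir "$MNT" || return 1
    mount -t afp "$(afp_url "$ACCOUNT" "$pw" "$SERVER" "$SHARE")" "$MNT"
    rc=$?; unset pw; return $rc
}

# Only mount when asked to, e.g. from a login script: ./mount-tm.sh --mount
if [ "${1:-}" = "--mount" ]; then mount_tm_share; fi
```

The password no longer sits in the script, but the URL containing it is still in the `mount` process's argument list while the command runs, so it can be seen in `ps` output during that window.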