Im having an issue when viewing the report, the password entere/typed is being exposed on plain text.


So i have configured a command rewriting that if the shell is cpcksh it will rewrite to bash.

What happens is, viewing the report if it prompted a password and it typed. On the <ssh> report it will not display the password



However, on the -cpcksh command it is being revealed.



And also, the User and RunUser is being displayed as root, shouldnt be User = (AD Username) and RunUser = pamprime (local account on the server)?
https://i.imgur.com/wu7guIS.png
Should it be the same details and the only differences should be the command? <ssh> and -cpcksh?

The rule for the SSH is this:
https://i.imgur.com/ATtwP36.png

The command rewriting is this:
https://i.imgur.com/30a7WnU.png

Thanks for the help!