25

Is there a way to pass the username and password from a file instead of the command line via --user and --password?

Background: I want to run wget via cron and don't want the username/password show up in process view

user9517
  • 115,471
  • 20
  • 215
  • 297
casper
  • 519
  • 2
  • 6
  • 12

3 Answers3

28

I'm surprised nobody mentioned the .netrc file. Create the file if it doesn't exists and set safe permissions:

touch ~/.netrc
chmod 600 ~/.netrc

Subsequently add the hostname, username and password with the machine login and password keywords:

echo 'machine example.com login casper password CasperPassword' >> ~/.netrc

If you then run wget https://example.com and the server responds with 401 Authorization Required, wget will retry using the username and password from the ~/.netrc file.

With curl it's needed to add the --netrc (or --netrc-optional or --netrc-file) parameter, because curl will not read the .netrc file without that.

When using this from cron, ensure that the correct HOME environment variable is set. Cron often defaults to HOME=/ (in that case you would have to create the file as /.netrc, yet a better solution would be to set an appropriate HOME at the script's start, like export HOME=/root).

The ~/.netrc file can be used for multiple hosts. More info about .netrc at inetutils manual and curl manual.

Paul Tobias
  • 740
  • 1
  • 8
  • 11
  • 2
    For the syntax of `.netrc`, see its [manual](https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html), or the related [curl doc](https://ec.haxx.se/usingcurl-netrc.html). – ryenus Feb 06 '17 at 13:32
  • At first I'm too careless to see the `man netrc` in the OP, wondering WHY this works, then @ryenus your comment saves me, thanks~ Manual is always welcome :P Then I know it's a rc file used by `ftp`, that is, it may not work for http. I'll try it on http later. – Weekend Apr 29 '19 at 13:13
  • Quick update: _.netrc_ does work with wget and HTTP (at least on Ubuntu 18.04). Also related cURL doc was moved [here](https://everything.curl.dev/usingcurl/netrc). – Konrad Botor Mar 02 '22 at 09:47
13

Use a .wgetrc file (GNU manual) in which you can set username and passwords for either or both ftp and http.

To use the same credentials for both specify

user=casper
password=CasperPassword

or individually

ftp_user=casperftp
ftp_password=casperftppass
http_user=casperhttp
http_password=casperhttppass
sfuqua
  • 115
  • 5
Mike Renfro
  • 1,301
  • 1
  • 8
  • 11
  • 2
    The GNU [wget manual](http://www.gnu.org/software/wget/manual/wget.html#Security-Considerations) also suggests using the `-i` option and feeding the username and password in from standard input. – Richard May 08 '11 at 15:08
  • Does `.wgetrc` provide the flexibility to work with more than one server? If not, `.netrc` is a better solution, see [the other answer](http://serverfault.com/a/671578/91715) from tobias.pal – ryenus Feb 06 '17 at 13:26
  • I obviously missed wget using a `.netrc` file, but [it's documented](https://www.gnu.org/software/wget/manual/html_node/Startup-File.html). – Mike Renfro Feb 06 '17 at 18:13
2

In many regards curl can be a better choice. Wget became a bit stale over time.

curl's -n switch can be used for this task: http://curl.haxx.se/docs/manpage.html#-n

cstamas
  • 6,707
  • 25
  • 42