Safe FTP/wget Usage

Using a .netrc File

The Problem

Here we have a user who is downloading some_genome_file.fa from where it is hosted at https://someremotesite.org. They started the download with this command:

$ wget --user=bob --password=SEcrEt --continue https://someremotesite.org/some_genome_file.fa .

The file is downloading nicely but if another user runs ps or top they will see the list of the processes running on the system can see your password:

$ ps aux | grep wget
bob 11705 pts/12 0:08 wget wget --user=bob --password=SEcrEt --continue https://someremotesite.org/somefile.fa .

Here they can see user Bob’s process number 11705 downloading the file and Bob’s username and password at that site.

The Solution

Use a .netrc or a .wgetrc file. This is a file that you create in your $HOME directory. Give it permissions of 600. Insert you username and password in that file. The wget, ftp and curl programs will automatically use a .netrc if it is there.

A .netrc file example:

login bob
password SEcrEt

Do not leave extra newlines at the end of your netrc file. Some applications might interpret these as missing additional entries.

Do a man netrc and man wget for the details. Search the internet for examples on how to use them.