Some HTTP or FTP servers restrict access to protected resources, requiring a username and password before allowing downloads. This basic authentication ensures that only authorized users can access files or data. wget supports providing credentials directly on the command line or interactively, making it convenient to automate downloads that require login.

By including the user and password parameters, wget can pass credentials with each request. For servers that do not allow credentials in URLs, wget prompts for the password interactively when instructed, preventing sensitive information from appearing in command history. Additionally, credentials can be managed through configuration files or environment variables.

Storing credentials securely is critical. Avoid placing passwords directly in scripts or logs. Minimizing credential exposure ensures that automated downloads remain secure while still providing the flexibility to access protected resources via wget.

Steps to authenticate using basic authentication in wget:

  1. Open a terminal.
  2. Specify the username and password with the --user and --password options.
    $ wget --user=username --password=yourpassword https://example.com/protected-resource.zip
    --2024-12-10 10:02:00--  https://example.com/protected-resource.zip
    Resolving example.com... connected.
    HTTP request sent, awaiting response... 200 OK
    Saving to: ‘protected-resource.zip’
  3. Prompt for the password to avoid typing it on the command line.
    $ wget --user=myusername --ask-password https://www.example.com/protected/resource.txt
    Password: 
    --2024-12-10 10:02:30--  https://www.example.com/protected/resource.txt
    HTTP request sent, awaiting response... 200 OK

    Using --ask-password prevents the password from appearing in history or process listings.

  4. Use the same options for FTP authentication.
    $ wget --user=username --password=yourpassword ftp://ftp.example.com/private-data.tar.gz
  5. Store credentials in a .wgetrc file with appropriate permissions.
    $ echo "user=username" > ~/.wgetrc
    $ echo "password=yourpassword" >> ~/.wgetrc
    $ chmod 600 ~/.wgetrc

    Ensure the .wgetrc file is secured with restrictive permissions to avoid exposing credentials.

  6. Run wget without specifying credentials if they are set in .wgetrc.
    $ wget https://example.com/protected-resource.zip
  7. Use an environment variable to store the password for better security.
    $ read -sp "Enter Password: " PASSWORD
    $ wget --user=username --password=$PASSWORD https://example.com/protected-resource.zip

    This approach prevents the password from appearing in shell history.

Discuss the article:

Comment anonymously. Login not required.