How to authenticate using username and password in Wget

When accessing certain websites or servers using Wget, authentication might be necessary. Websites or servers that are password protected, for instance, will require a username and password for access. This is common when downloading files from private repositories, FTP servers, or HTTP sites with basic authentication.

Wget, an open-source utility for non-interactive file downloading from the web, provides options to specify the required credentials. When using Wget in scripts or for scheduled tasks, it's particularly useful to know how to provide these credentials without being prompted.

However, be cautious about where and how you store these credentials, especially when scripting, as they can be accessed by unauthorized users if not properly protected.

Steps to authenticate using Wget:

Open the terminal.

Use the –user and –password flags to provide the necessary credentials.

$ wget --user=username --password=yourpassword https://example.com/protected-resource.zip

Prompt for password to avoid exposing it in the command line.
```
$ wget --user=myusername --ask-password https://www.example.com/protected/resource.txt
```
When using –ask-password, Wget will prompt you for the password, ensuring it's not saved in command history.

For FTP transfers, the same flags apply.

$ wget --user=username --password=yourpassword ftp://ftp.example.com/private-data.tar.gz

If you're working with a script, consider using a .wgetrc configuration file to avoid exposing credentials in the command line history.
```
echo "user=username
password=yourpassword" > ~/.wgetrc
```
Make sure to set the correct permissions on the .wgetrc file to prevent unauthorized access. Use the command:
```
$ chmod 600 ~/.wgetrc
```
Execute Wget without the –user and –password flags if you've set up the .wgetrc file.
```
$ wget https://example.com/protected-resource.zip
```
To avoid storing the password in a file, you can use the read command and a variable.
```
$ read -sp "Enter Password: " PASSWORD
$ wget --user=username --password=$PASSWORD https://example.com/protected-resource.zip
```
This way, the password is only stored temporarily in the variable and won't appear in your command history.

Always remember to be cautious with your credentials. It's essential to avoid exposing them to other users or inadvertently committing them to version control if used within scripts.

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a skilled cloud architect with a background in development, entrepreneurship, and open-source advocacy. As the founder of Simplified Guide, he helps others understand the complexities of computing, making tech concepts accessible to all.

Discuss the article:

Comment anonymously. Login not required.