how to pass a password with a cron job safely?

cron password authentication curl
16,002

To avoid showing the password on the command where other users can see it with ps, you should not pass the password in the command. It's why many utilities don't support passwords as command line arguments.

Instead store your password in a ~/.netrc file and pass the -n option to curl.

For the details of file syntax, I let you see the man of curl.

Share:
16,002

Related videos on Youtube

inckka
Author by

inckka

Solving Enthusiast.

Updated on September 18, 2022

Comments

  • inckka
    inckka almost 2 years

    I have a site map generator script placed in this URL

    http://www.mydomain.com/admin/sitemapgen/

    However this URL is protected with an username and a password in auth_type basic method.

    I need to place a cron to access this URL once a week. So I've decided to use the curl command and placed the cron like below.

    curl -u username:mypassword http://www.mydomain.com/admin/sitemapgen/

    I'm aware that sending a password through http is insecure, however at least I'm trying to hide the password from server/hosting panel users from this curl command.

    1) Are there any methods to hide the password in this curl command? I read something about placing a plain text file with the password in server and use it with the -k option. However I'm not in to place the password in a plain text file either.

    2) Are there any other commands than curl to use for this specific purpose?

  • inckka
    inckka over 9 years
    This answer is useful and I've already tried it and working. However when creating the .netrc file I had to specify the machine name. And according to above my example, I have specified the value as www.mydomain.com My requirement is done. However another security vulnerability occurs. Because I don't want to let some one access the main domain. However after creating .netrc file, now every one can curl -n in the site without any username and password. is there any method to specify the .netrc machine name to www.mydomain.com/admin/sitemapgen/
  • alexises
    alexises over 9 years
    You should make this action using a custom user for the generation

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Can't Set "Host:" Header with CURL Request
Curl fails on sftp password authentication
convert wget cron command to curl
I cannot enter my password when using sudo to install Sophos AV for Linux
How can I prevent a user from changing their password?
How do you configure Netplan on Ubuntu to store 802.1x credentials securely?
Is there a way to lock my browser with a password?
I cannot enter my password in the terminal - can't install packages
Graphical authentication works; why does sudo say my password is wrong?
Installed perfectly but password not working for login or authentication