Hide username and password in http test
list Kevin King
I have not used this, but based on the other items and the writers of the platform, I would put this in the home directory of the user that is running the xymon application. -Kevin From: Xymon <xymon-bounces at xymon.com> On Behalf Of Chris Pretorius Sent: Thursday, March 18, 2021 7:35 AM To: Xymon Mailing List <xymon at xymon.com> Subject: [Xymon] Hide usernam and password in http test Hi Im running a xymon server installed from the Terabithia repository Release: xymon-4.3.30-1 I added a http test that requires basic authentication. The password has special characters. The test works when I add the username and password in the full url, ie. https://server/page.htm?user=User&password=p at sw0rd<https://urldefense.com/v3/__https:/server/page.htm?user=User&password=p at sw0rd__;!!BhdT!374AslU01M-gavchN3GUGqP8XwfFNgqNoCReWupQ1GONsSAa_U5Dw_ifFODBWQ$> The man pages mention a file ~/.netrc where you can store username and password for basic authentication Which directory should the file be stored on the server. Best regards
list Chris Pretorius
Hi Xymon server runs as the xymon user, homedir is /usr/lib/xymon/ I placed the file there (Perms are xymon:xymon) but still no go
▸
From: KING, KEVIN <user-ca972c0c43a8@xymon.invalid> Sent: Thursday, 18 March 2021 14:54 To: Chris Pretorius <user-3fef1df92e88@xymon.invalid>; Xymon Mailing List <xymon at xymon.com> Subject: RE: Hide username and password in http test I have not used this, but based on the other items and the writers of the platform, I would put this in the home directory of the user that is running the xymon application. -Kevin From: Xymon <xymon-bounces at xymon.com<mailto:xymon-bounces at xymon.com>> On Behalf Of Chris Pretorius Sent: Thursday, March 18, 2021 7:35 AM To: Xymon Mailing List <xymon at xymon.com<mailto:xymon at xymon.com>> Subject: [Xymon] Hide usernam and password in http test Hi Im running a xymon server installed from the Terabithia repository Release: xymon-4.3.30-1 I added a http test that requires basic authentication. The password has special characters. The test works when I add the username and password in the full url, ie. https://server/page.htm?user=User&password=p at sw0rd<https://urldefense.com/v3/__https:/server/page.htm?user=User&password=p at sw0rd__;!!BhdT!374AslU01M-gavchN3GUGqP8XwfFNgqNoCReWupQ1GONsSAa_U5Dw_ifFODBWQ$> The man pages mention a file ~/.netrc where you can store username and password for basic authentication Which directory should the file be stored on the server. Best regards
list Jeremy Ruffer
The file needs to readable only by the user.
▸
On Thu, 18 Mar 2021, 14:43 KING, KEVIN, <user-ca972c0c43a8@xymon.invalid> wrote:
I have not used this, but based on the other items and the writers of the platform, I would put this in the home directory of the user that is running the xymon application. -Kevin *From:* Xymon <xymon-bounces at xymon.com> *On Behalf Of *Chris Pretorius *Sent:* Thursday, March 18, 2021 7:35 AM *To:* Xymon Mailing List <xymon at xymon.com> *Subject:* [Xymon] Hide usernam and password in http test Hi Im running a xymon server installed from the Terabithia repository Release: xymon-4.3.30-1 I added a http test that requires basic authentication. The password has special characters. The test works when I add the username and password in the full url, ie.
https://server/page.htm?user=User&password=p at sw0rd <https://urldefense.com/v3/__https:/server/page.htm?user=User&password=p at sw0rd__;!!BhdT!374AslU01M-gavchN3GUGqP8XwfFNgqNoCReWupQ1GONsSAa_U5Dw_ifFODBWQ$>
▸
The man pages mention a file ~/.netrc where you can store username and
password for basic authentication
Which directory should the file be stored on the server.
Best regards
list Scot Kreienkamp
Might have to be chmod 0600. Scot Kreienkamp | Senior Systems Engineer | La-Z-Boy Corporate One La-Z-Boy Drive | Monroe, Michigan 48162 | * XXX-XXX-XXXX | | * X-XXX-XXX-XXXX | * user-9678697f1438@xymon.invalid www.la-z-boy.com<http://www.la-z-boy.com>; | facebook.com/lazboy<http://facebook.com/lazboy>; | twitter.com/lazboy<http://twitter.com/lazboy>; | youtube.com/lazboy<http://youtube.com/lazboy>; [cid:4C-lzbVertical_Tag_400px_d8b9412e-f3ea-46a1-99dc-a7c57261e11e.jpg] From: Xymon <xymon-bounces at xymon.com> On Behalf Of Chris Pretorius Sent: Thursday, March 18, 2021 10:46 AM To: KING, KEVIN <user-ca972c0c43a8@xymon.invalid>; Xymon Mailing List <xymon at xymon.com> Subject: Re: [Xymon] Hide username and password in http test ATTENTION: This email was sent to La-Z-Boy from an external source. Be vigilant when opening attachments or clicking links.
▸
Hi Xymon server runs as the xymon user, homedir is /usr/lib/xymon/ I placed the file there (Perms are xymon:xymon) but still no go From: KING, KEVIN <user-ca972c0c43a8@xymon.invalid<mailto:user-ca972c0c43a8@xymon.invalid>> Sent: Thursday, 18 March 2021 14:54 To: Chris Pretorius <user-3fef1df92e88@xymon.invalid<mailto:user-3fef1df92e88@xymon.invalid>>; Xymon Mailing List <xymon at xymon.com<mailto:xymon at xymon.com>> Subject: RE: Hide username and password in http test I have not used this, but based on the other items and the writers of the platform, I would put this in the home directory of the user that is running the xymon application. -Kevin From: Xymon <xymon-bounces at xymon.com<mailto:xymon-bounces at xymon.com>> On Behalf Of Chris Pretorius Sent: Thursday, March 18, 2021 7:35 AM To: Xymon Mailing List <xymon at xymon.com<mailto:xymon at xymon.com>> Subject: [Xymon] Hide usernam and password in http test Hi Im running a xymon server installed from the Terabithia repository Release: xymon-4.3.30-1 I added a http test that requires basic authentication. The password has special characters. The test works when I add the username and password in the full url, ie. https://server/page.htm?user=User&password=p at sw0rd<https://urldefense.com/v3/__https:/server/page.htm?user=User&password=p at sw0rd__;!!BhdT!374AslU01M-gavchN3GUGqP8XwfFNgqNoCReWupQ1GONsSAa_U5Dw_ifFODBWQ$> The man pages mention a file ~/.netrc where you can store username and password for basic authentication Which directory should the file be stored on the server. Best regards
This message is intended only for the individual or entity to which it is addressed. It may contain privileged, confidential information which is exempt from disclosure under applicable laws. If you are not the intended recipient, you are strictly prohibited from disseminating or distributing this information (other than to the intended recipient) or copying this information. If you have received this communication in error, please notify us immediately by e-mail or by telephone at the above number. Thank you.
list Kevin King
Make sure it is 0600 readable by owner only. If that is not it, maybe someone may have other advice. -Kevin
▸
From: Chris Pretorius <user-3fef1df92e88@xymon.invalid> Sent: Thursday, March 18, 2021 10:46 AM To: KING, KEVIN <user-ca972c0c43a8@xymon.invalid>; Xymon Mailing List <xymon at xymon.com> Subject: RE: Hide username and password in http test Hi Xymon server runs as the xymon user, homedir is /usr/lib/xymon/ I placed the file there (Perms are xymon:xymon) but still no go From: KING, KEVIN <user-ca972c0c43a8@xymon.invalid<mailto:user-ca972c0c43a8@xymon.invalid>> Sent: Thursday, 18 March 2021 14:54 To: Chris Pretorius <user-3fef1df92e88@xymon.invalid<mailto:user-3fef1df92e88@xymon.invalid>>; Xymon Mailing List <xymon at xymon.com<mailto:xymon at xymon.com>> Subject: RE: Hide username and password in http test I have not used this, but based on the other items and the writers of the platform, I would put this in the home directory of the user that is running the xymon application. -Kevin From: Xymon <xymon-bounces at xymon.com<mailto:xymon-bounces at xymon.com>> On Behalf Of Chris Pretorius Sent: Thursday, March 18, 2021 7:35 AM To: Xymon Mailing List <xymon at xymon.com<mailto:xymon at xymon.com>> Subject: [Xymon] Hide usernam and password in http test Hi Im running a xymon server installed from the Terabithia repository Release: xymon-4.3.30-1 I added a http test that requires basic authentication. The password has special characters. The test works when I add the username and password in the full url, ie. https://server/page.htm?user=User&password=p at sw0rd<https://urldefense.com/v3/__https:/server/page.htm?user=User&password=p at sw0rd__;!!BhdT!374AslU01M-gavchN3GUGqP8XwfFNgqNoCReWupQ1GONsSAa_U5Dw_ifFODBWQ$> The man pages mention a file ~/.netrc where you can store username and password for basic authentication Which directory should the file be stored on the server. Best regards