Hide usernam and password in http test 🔗 link

Hi

Im running a xymon server installed from the Terabithia repository

Release: xymon-4.3.30-1

I added a http test that requires basic authentication. The password has special characters.

The test works when I add the username and password in the full url, ie. https://server/page.htm?user=User&password=p at sw0rd

The man pages mention a file ~/.netrc where you can store username and password for basic authentication

Which directory should the file be stored on the server.

Best regards

Those are always stored in the home directory of the user that they're for.  You need to find the home directory of the xymon user in /etc/passwd.


Scot Kreienkamp | Senior Systems Engineer | La-Z-Boy Corporate
One La-Z-Boy Drive | Monroe, Michigan 48162 | * XXX-XXX-XXXX | |  * X-XXX-XXX-XXXX  | * user-9678697f1438@xymon.invalid
www.la-z-boy.com<http://www.la-z-boy.com>;  | facebook.com/lazboy<http://facebook.com/lazboy>;  | twitter.com/lazboy<http://twitter.com/lazboy>; | youtube.com/lazboy<http://youtube.com/lazboy>;
[cid:4C-lzbVertical_Tag_400px_d8b9412e-f3ea-46a1-99dc-a7c57261e11e.jpg]
From: Xymon <xymon-bounces at xymon.com> On Behalf Of Chris Pretorius
Sent: Thursday, March 18, 2021 7:35 AM
To: Xymon Mailing List <xymon at xymon.com>
Subject: [Xymon] Hide usernam and password in http test

ATTENTION:   This email was sent to La-Z-Boy from an external source.     Be vigilant when opening attachments or clicking links.

Hi

Im running a xymon server installed from the Terabithia repository

Release: xymon-4.3.30-1

I added a http test that requires basic authentication. The password has special characters.

The test works when I add the username and password in the full url, ie. https://server/page.htm?user=User&password=p at sw0rd

The man pages mention a file ~/.netrc where you can store username and password for basic authentication

Which directory should the file be stored on the server.

Best regards

This message is intended only for the individual or entity to which it is addressed. It may contain privileged, confidential information which is exempt from disclosure under applicable laws. If you are not the intended recipient, you are strictly prohibited from disseminating or distributing this information (other than to the intended recipient) or copying this information. If you have received this communication in error, please notify us immediately by e-mail or by telephone at the above number. Thank you.

The online manpage (probably the most up-to-date) says that the netrc file
is in $XYMON/etc/netrc - note that there is no dot in the filename.

https://xymon.sourceforge.io/xymon/help/manpages/man1/xymonnet.1.html

On Thu, 18 Mar 2021 at 22:45, Chris Pretorius <user-3fef1df92e88@xymon.invalid>

wrote:

I tried
$XYMON/etc/netrc and $XYMON/etc/.netrc

And xymon user homedir both netrc and .netrc

Also set chmod 600 to all the files

I found a different end point on the webserver (Windows, not IIS) that doesn?t require authentication that I can use in the test.
Seems to be doing the job.

Thanx everyone for your guidance, much appreciated.

From: Jeremy Laidman <user-0608abae5e7c@xymon.invalid>
Sent: Friday, 19 March 2021 08:12
To: Chris Pretorius <user-3fef1df92e88@xymon.invalid>
Cc: Xymon Mailing List <xymon at xymon.com>
Subject: Re: [Xymon] Hide usernam and password in http test

The online manpage (probably the most up-to-date) says that the netrc file is in $XYMON/etc/netrc - note that there is no dot in the filename.

https://xymon.sourceforge.io/xymon/help/manpages/man1/xymonnet.1.html

On Thu, 18 Mar 2021 at 22:45, Chris Pretorius <user-3fef1df92e88@xymon.invalid<mailto:user-3fef1df92e88@xymon.invalid>> wrote:
Hi

Im running a xymon server installed from the Terabithia repository

Release: xymon-4.3.30-1

I added a http test that requires basic authentication. The password has special characters.

The test works when I add the username and password in the full url, ie. https://server/page.htm?user=User&password=p at sw0rd

The man pages mention a file ~/.netrc where you can store username and password for basic authentication

Which directory should the file be stored on the server.

Best regards

Very strange.

The code (within xymonnet) that loads the file first looks for
$XYMONHOME/etc/netrc and then looks for $HOME/.netrc (where $HOME should be
~xymon, the xymon user's home directory).

Could be the format you have is not recognised by Xymon. Unfortunately,
there are no diagnostics if the file is unreadable or malformed.

The code seems to suggest that you can use keywords: machine, login,
password, account, macef and default.

A comment can be denoted by a hash (#), leading and trailing whitespace is
ignored. Tokens are separated by whitespace (tabs and spaces).

So something like this:

# my authentication params
hostname beatbox.example.com login webadmin password pr1v at te

This will cause an authentication string of "webadmin:pr1v at te" to be
assigned to the hostname beatbox, presumably to be used in a URL such as
https://beatbox.example.com/testthis.html. The string is base64-encoded and
included in an "Authorization: Basic <base64>" header.

On my system, if I run "strace xymoncmd xymonnet www.example.com 2>&1 |
grep netrc" I get this:

open("/usr/lib/xymon/server/etc/netrc", O_RDONLY) = -1 ENOENT (No such file
or directory)
open("/usr/lib/xymon/.netrc", O_RDONLY) = -1 ENOENT (No such file or
directory)

So it's definitely looking for it. If I mis-type the hostname, to something
that doesn't exist in hosts.cfg, or if I choose a host that doesn't have
"http://<something>";, the strace doesn't show any output, so it doesn't
even try to find a netrc file.

I appreciate that you have another solution, but you (and others) might
find it helpful to find out why this isn't working for you.

Cheers
Jeremy


On Fri, 19 Mar 2021 at 18:58, Chris Pretorius <user-3fef1df92e88@xymon.invalid>

wrote: