Overview

Allows users to quickly login to known servers without having to reenter the credentials each time. A .netrc file will typically be stored in a users home directory. Typically set without group or world read permissions (chmod 600 .netrc).

Tokens

machine name

Identify remote machine name. Auto-login searches file and matches a machine token. If matched, the subsequent tokens are processed.

default

Machine name, except it will match any name. There can be only one default token and it must occur after all other machines. E.g.

default login anonymous password user@site

where this gives automatic anonymous ftp login to machines that are not specified. This can be overridden by using the -n flag to disable auto-login.

login name

Identify a user on the remote machine, and login under that user.

password string

If present, the auto login will supply the string as the password if required by the remote server. If this token is present for any user other than anonymous, ftp will abort the auto-login process if the .netrc file is readable by anyone other than the user.

account string

An additional account password supplied if remote server requires, or the login process will initiate an ACCT command.

macdef name

Define a macro. Automatically executed as the last step in the auto-login process.

Process with Python

Simple processing example using the Python stdlib netrc class

import os
import netrc

net_fp = os.path.expanduser("~/.netrc")

assert os.path.isfile(net_fp), ".netrc does not exist"
assert oct(os.stat(net_fp).st_mode) == oct(0o100600), "incorrect permissions"

net = netrc.netrc()

# replace host with the machine name token you want to look up
creds = n.authenticators("host") # -> (username, account, password)

# will return tuple of tokens for host
creds[0] # -> username
creds[2] # -> password

References

• GNU FTP .netrc
• curl .netrc
• .netrc pains - Daniel Stenberg