Re: password and security

2011-06-14 Thread Franck Eyraud
Hi Juan, I use the ~/.netrc file with which lftp is compatible. http://www.mavetju.org/unix/netrc.php If you mind to set permissions on this file on 600, then no one else can read this file. And this is the way I use for automated download with lftp. Regards, Franck On 13/06/2011 13:11,

Re: password and security

2011-06-14 Thread David Bruyer
Hi, Passwords stored in the .netrc file are in plain text. And ROOT can access it. I think the best way to secure the password is to encrypt it. Cordialement, _ David BRUYER 2011/6/14 Franck Eyraud franck.eyr...@jrc.ec.europa.eu Hi Juan, I use the ~/.netrc file with which lftp

Re: password and security

2011-06-14 Thread Franck Eyraud
I agree that for the bookmarks encryption should be considered for the case where you don't trust root. But the .netrc file is a much better alternative than passing the password on the command line (saved in the running processes readable by any user, and stored in the history file) for

Re: password and security

2011-06-14 Thread Juan Simón
And what is the difference between this and use the lftp bookmarks file? The bookmarks file has 600 permission too. El 14 de junio de 2011 09:46, Franck Eyraud franck.eyr...@jrc.ec.europa.euescribió: Hi Juan, I use the ~/.netrc file with which lftp is compatible.

Re: password and security

2011-06-14 Thread Alexander V. Lukyanov
On Tue, Jun 14, 2011 at 11:21:07AM +0200, David Bruyer wrote: Passwords stored in the .netrc file are in plain text. And ROOT can access it. I'd never use a system where I don't trust ROOT. If you come up with a solution for the problem, I'll integrate it. -- Alexander.

Re: password and security

2011-06-14 Thread David Bruyer
Ok. But noone should be able to access passwords, even ROOT. Cordialement, _ David BRUYER 2011/6/14 Alexander V. Lukyanov l...@netis.ru On Tue, Jun 14, 2011 at 11:21:07AM +0200, David Bruyer wrote: Passwords stored in the .netrc file are in plain text. And ROOT can access it.

Re: password and security

2011-06-14 Thread Peko
2011/6/14 Alexander V. Lukyanov l...@netis.ru: On Tue, Jun 14, 2011 at 11:21:07AM +0200, David Bruyer wrote: Passwords stored in the .netrc file are in plain text. And ROOT can access it. I'd never use a system where I don't trust ROOT. If you come up with a solution for the problem, I'll

Re: password and security

2011-06-14 Thread Alexander V. Lukyanov
On Tue, Jun 14, 2011 at 12:46:57PM +0200, David Bruyer wrote: But noone should be able to access passwords, even ROOT. Do you know strace? The root can intercept what you type even via ssh. -- Alexander.

Re: length limit for the exclude-regex string ?

2011-06-14 Thread Alexander V. Lukyanov
On Fri, Jun 10, 2011 at 03:07:51PM +0200, Franck Eyraud wrote: Is there a particular limit in the length of the mirror:exclude-regex variable ? No limit, except the memory size. -- Alexander.