[Xymon] Hide username and password in http test

Scot Kreienkamp Scot.Kreienkamp at la-z-boy.com
Thu Mar 18 16:02:39 CET 2021


Might have to be chmod 0600.


Scot Kreienkamp | Senior Systems Engineer | La-Z-Boy Corporate
One La-Z-Boy Drive | Monroe, Michigan 48162 | * 734-384-6403 | |  * 1-734-915-1444  | * Scot.Kreienkamp at la-z-boy.com
www.la-z-boy.com<http://www.la-z-boy.com>  | facebook.com/lazboy<http://facebook.com/lazboy>  | twitter.com/lazboy<http://twitter.com/lazboy> | youtube.com/lazboy<http://youtube.com/lazboy>
[cid:4C-lzbVertical_Tag_400px_d8b9412e-f3ea-46a1-99dc-a7c57261e11e.jpg]
From: Xymon <xymon-bounces at xymon.com> On Behalf Of Chris Pretorius
Sent: Thursday, March 18, 2021 10:46 AM
To: KING, KEVIN <KK1051 at att.com>; Xymon Mailing List <xymon at xymon.com>
Subject: Re: [Xymon] Hide username and password in http test

ATTENTION:   This email was sent to La-Z-Boy from an external source.     Be vigilant when opening attachments or clicking links.
Hi

Xymon server runs as the xymon user, homedir is /usr/lib/xymon/

I placed the file there (Perms are xymon:xymon) but still no go



From: KING, KEVIN <KK1051 at att.com<mailto:KK1051 at att.com>>
Sent: Thursday, 18 March 2021 14:54
To: Chris Pretorius <chrisp at lightstone.co.za<mailto:chrisp at lightstone.co.za>>; Xymon Mailing List <xymon at xymon.com<mailto:xymon at xymon.com>>
Subject: RE: Hide username and password in http test

I have not used this, but based on the other items and the writers of the platform, I would put this in the home directory of the user that is running the xymon application.

-Kevin

From: Xymon <xymon-bounces at xymon.com<mailto:xymon-bounces at xymon.com>> On Behalf Of Chris Pretorius
Sent: Thursday, March 18, 2021 7:35 AM
To: Xymon Mailing List <xymon at xymon.com<mailto:xymon at xymon.com>>
Subject: [Xymon] Hide usernam and password in http test

Hi

Im running a xymon server installed from the Terabithia repository

Release: xymon-4.3.30-1

I added a http test that requires basic authentication. The password has special characters.

The test works when I add the username and password in the full url, ie. https://server/page.htm?user=User&password=p@sw0rd<https://urldefense.com/v3/__https:/server/page.htm?user=User&password=p@sw0rd__;!!BhdT!374AslU01M-gavchN3GUGqP8XwfFNgqNoCReWupQ1GONsSAa_U5Dw_ifFODBWQ$>

The man pages mention a file ~/.netrc where you can store username and password for basic authentication

Which directory should the file be stored on the server.

Best regards




This message is intended only for the individual or entity to which it is addressed. It may contain privileged, confidential information which is exempt from disclosure under applicable laws. If you are not the intended recipient, you are strictly prohibited from disseminating or distributing this information (other than to the intended recipient) or copying this information. If you have received this communication in error, please notify us immediately by e-mail or by telephone at the above number. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20210318/148f02f9/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 4C-lzbVertical_Tag_400px_d8b9412e-f3ea-46a1-99dc-a7c57261e11e.jpg
Type: image/jpeg
Size: 591045 bytes
Desc: 4C-lzbVertical_Tag_400px_d8b9412e-f3ea-46a1-99dc-a7c57261e11e.jpg
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20210318/148f02f9/attachment-0001.jpg>


More information about the Xymon mailing list