Search…
README
How to read this book
The cURL project
Network and protocols
Install curl
Source code
Build curl
Command line basics
Using curl
Verbose
Version
Persistent connections
Downloads
Uploads
Transfer controls
Connections
Timeouts
.netrc
Proxies
Exit status
SCP and SFTP
Reading email
Sending email
MQTT
TFTP
TELNET
DICT
TLS
Copy as curl
HTTP with curl
FTP with curl
Using libcurl
HTTP with libcurl
Bindings
libcurl internals
Index
Powered By GitBook
.netrc
Unix systems have for a long time offered a way for users to store their user name and password for remote FTP servers. ftp clients have supported this for decades and this way allowed users to quickly login to known servers without manually having to reenter the credentials each time. The .netrc file is typically stored in a user's home directory. (On Windows, curl will look for it with the name _netrc).
This being a widespread and well used concept, curl also supports it—if you ask it to. curl does not, however, limit this feature to FTP, but can get credentials for machines for any protocol with this. See further below for how.

The .netrc file format

The .netrc file format is simple: you specify lines with a machine name and follow that with the login and password that are associated with that machine.
Each field is provided as a sequence of letters that ends with a space or newline. Since 7.84.0, curl also supports quoted strings. They start and end with double quotes (") and support the escaped special letters \", (newline), (carriage return), and (TAB). Quoted strings are the only way a space character can be used in a user name or password.
machine name
Identifies a remote machine name. curl searches the .netrc file for a machine token that matches the remote machine specified in the URL. Once a match is made, the subsequent .netrc tokens are processed, stopping when the end of file is reached or another machine is encountered.
default
This is the same as machine name except that default matches any name. There can be only one default token, and it must be after all machine tokens. To provide a default anonymous login for hosts that are not otherwise matched, add a line similar to this in the end:
default login anonymous password [email protected]
login name
The user name string for the remote machine. You cannot use a space in the name.
password string
Supply a password. If this token is present, curl will supply the specified string if the remote server requires a password as part of the login process. Note that if this token is present in the .netrc file you really should make sure the file is not readable by anyone besides the user. You cannot use a space when you enter the password.
macdef name
Define a macro. This is not supported by curl. In order for the rest of the .netrc to still work fine, curl will properly skip every definition done with macdef that it finds.

Example

An example .netrc for the host example.com with a user named 'daniel', using the password 'qwerty' would look like:
machine example.com
login daniel
password qwerty
It can also be written on a single line with the same functionality:
machine example.com login daniel password qwerty

User name matching

When a URL is provided with a user name and .netrc is used, then curl will try to find the matching password for that machine and login combination.

Enable netrc

-n, --netrc tells curl to look for and use the .netrc file.
--netrc-file [file] is similar to --netrc, except that you also provide the path to the actual file to use. This is useful when you want to provide the information in another directory or with another file name.
--netrc-optional is similar to --netrc, but this option makes the .netrc usage optional and not mandatory as the --netrc option.
Previous
Timeouts
Next
Proxies
Last modified 2mo ago
Export as PDF
Copy link
Edit on GitHub
Outline
The .netrc file format
Example
User name matching
Enable netrc