14.4. Using Autologin

The autologin feature lets you authenticate yourself on a remote system by using a user ID and password that are stored in the .netrc file. The .netrc file supports autologin for ftua commands. You cannot use the autologin feature, however, if you have the UNICOS multilevel security (MLS) feature or the UNICOS/mk security enhancements enabled.

The .netrc file is an authorization file that contains host and user information that the remote system verifies before the file transfer session begins. ftp also uses the .netrc file.

To use autologin, create the .netrc file in your home directory. If FTA finds this file, it uses the information to log you in to the remote host automatically. If you do not have an .netrc file, the system prompts you for your login name and password.

The .netrc file is a simple text file. To create or modify it, you can use any standard text editor, such as vi(1).

Although autologin is very convenient, it does present a major security threat to the system. If .netrc contains password or account information, FTA requires that the file permissions are set so that the owner of the file has exclusive read and write permissions. Set the file permissions by using the chmod 600 .netrc command. If the file permissions allow any other user to read and write the file, your transfer will fail.

14.4.1. Creating .netrc File Entries

The .netrc file can contain one or more entries. Each entry describes default values and macros to use when connecting to a specified remote host. Each entry is on a separate line. Each entry is composed of token pairs that include a keyword and a value.

The recognized keywords are machine, login, password, account, and macdef.

To separate token pairs, use any of the following characters:

To embed any of these special delimiter characters into a token pair, precede it with a \ symbol.

The machine remote_hostname token pair defines the start of an entry.

All other token pairs are optional. You can specify them in any order, though they usually are given in the order that follows. If you omit necessary information from your .netrc file, FTA prompts you for it.

Note: The macdef macro_name token pair is different from the others. After the macdef macro_name token pair, all characters up to a blank line are assumed to be the definitions of a macro.

The following is a list of the permissible token pairs:

Token pair
    Description

machine remote_hostname
    Identifies the name of the remote host to which a connection will be established. When you start ftua, the .netrc file is searched for a machine keyword that matches the remote host name you specify. After a match is found, the subsequent .netrc token pairs are processed until the end of the file is reached or until another machine keyword is found.

login login_name
    Specifies the name of a user at the remote host. If the login keyword is present, the autologin process uses login_name to log in to the remote host.

password password
    Specifies a password for login_name. If the password keyword is present and the .netrc file can be read by anyone but the user running ftua, the autologin process aborts.

account account_name
    Supplies an additional account password if required.

macdef macro_name macro
    Defines a macro for the ftua session. A macro is defined with the specified name. The macro's contents begin with the next .netrc line and continue until a blank line is encountered. If a macro called init is defined, it is executed automatically as the last step of the autologin process.

14.4.2. .netrc File Example

The following example .netrc file contains entries for three different remote hosts. The line machine biology login bonnie indicates that, when connecting to host biology, you must use the login name bonnie. Because the password is omitted, you are prompted for the password during each login process.

The line machine chemistry login alice indicates that, when connecting to host chemistry, you must use the login name alice, and it also defines two macros, lsf and pwdlsf.

The line machine blackhole login anonymous password bonnie is an entry for anonymous ftua. The anonymous facility lets you use ftua to access another host without having an account or password on that host. The login name for anonymous ftua is usually anonymous. The password should be a name that describes the user. This example uses the login name anonymous and the password bonnie. Usually, the anonymous facility is not enabled. When it is enabled, only a limited number of files can be accessed on that host.

# .netrc file example

machine biology login bonnie
machine chemistry login alice
    macdef lsf
    ls -CF

    macdef pwdlsf
    pwd
    ls -CF

machine blackhole login anonymous password bonnie
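
The following audit script is an added example, not part of the original manual or of FTA. It parses a .netrc file as described above and reports the three conditions this section makes security-relevant: group or other access to a file that stores password or account values, passwords stored in cleartext, and init macros that run automatically. The names parse_netrc and audit_netrc are hypothetical; the script assumes whitespace-delimited tokens, treats lines starting with # as comments, and does not handle backslash escapes.

```python
import os
import stat
from itertools import takewhile

KEYWORDS = {"login", "password", "account"}

# Constructed sample: the page's three hosts, with an init macro added for illustration.
SAMPLE = """machine biology login bonnie
machine chemistry login alice
    macdef init
    pwd
    ls -CF

machine blackhole login anonymous password bonnie
"""

def parse_netrc(text):
    """Parse entries as the page describes them (assumes whitespace-delimited tokens)."""
    entries, current = [], None
    lines = iter(text.splitlines())
    for line in lines:
        tokens = line.split()
        if not tokens or tokens[0].startswith("#"):  # assumption: '#' starts a comment line
            continue
        for key, value in zip(tokens[0::2], tokens[1::2]):
            if key == "machine":  # starts a new entry
                current = {"machine": value, "macros": {}}
                entries.append(current)
            elif current is not None and key == "macdef":
                # Macro body is every following line up to the next blank line.
                current["macros"][value] = [m.strip() for m in takewhile(str.strip, lines)]
                break
            elif current is not None and key in KEYWORDS:
                current[key] = value
    return entries

def audit_netrc(path):
    """Return findings: loose permissions, stored passwords, auto-run init macros."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    with open(path) as fh:
        entries = parse_netrc(fh.read())
    findings = []
    if mode & 0o077 and any("password" in e or "account" in e for e in entries):
        findings.append("mode %03o: group/other access to stored credentials" % mode)
    for e in entries:
        if "password" in e:
            findings.append("%s: cleartext password stored" % e["machine"])
        if "init" in e["macros"]:
            findings.append("%s: init macro runs automatically" % e["machine"])
    return findings
```

Calling audit_netrc on a file that has been set to mode 600 still lists stored passwords and init macros, since those remain worth reviewing even when the permissions are correct.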