wget: FTP Options

1 
1 2.9 FTP Options
1 ===============
1 
1 ‘--ftp-user=USER’
1 ‘--ftp-password=PASSWORD’
1      Specify the username USER and password PASSWORD on an FTP server.
1      Without this, or the corresponding startup option, the password
1      defaults to ‘-wget@’, normally used for anonymous FTP.
1 
1      Another way to specify username and password is in the URL itself
1      (⇒URL Format).  Either method reveals your password to
1      anyone who bothers to run ‘ps’.  To prevent the passwords from
1      being seen, store them in ‘.wgetrc’ or ‘.netrc’, and make sure to
1      protect those files from other users with ‘chmod’.  If the
1      passwords are really important, do not leave them lying in those
1      files either—edit the files and delete them after Wget has started
1      the download.
1 
1 ‘--no-remove-listing’
1      Don’t remove the temporary ‘.listing’ files generated by FTP
1      retrievals.  Normally, these files contain the raw directory
1      listings received from FTP servers.  Not removing them can be
1      useful for debugging purposes, or when you want to be able to
1      easily check on the contents of remote server directories (e.g.  to
1      verify that a mirror you’re running is complete).
1 
1      Note that even though Wget writes to a known filename for this
1      file, this is not a security hole in the scenario of a user making
1      ‘.listing’ a symbolic link to ‘/etc/passwd’ or something and asking
1      ‘root’ to run Wget in his or her directory.  Depending on the
1      options used, either Wget will refuse to write to ‘.listing’,
1      making the globbing/recursion/time-stamping operation fail, or the
1      symbolic link will be deleted and replaced with the actual
1      ‘.listing’ file, or the listing will be written to a
1      ‘.listing.NUMBER’ file.
1 
1      Even though this situation isn’t a problem, though, ‘root’ should
1      never run Wget in a non-trusted user’s directory.  A user could do
1      something as simple as linking ‘index.html’ to ‘/etc/passwd’ and
1      asking ‘root’ to run Wget with ‘-N’ or ‘-r’ so the file will be
1      overwritten.
1 
1 ‘--no-glob’
1      Turn off FTP globbing.  Globbing refers to the use of shell-like
1      special characters (“wildcards”), like ‘*’, ‘?’, ‘[’ and ‘]’ to
1      retrieve more than one file from the same directory at once, like:
1 
1           wget ftp://gnjilux.srk.fer.hr/*.msg
1 
1      By default, globbing will be turned on if the URL contains a
1      globbing character.  This option may be used to turn globbing on or
1      off permanently.
1 
1      You may have to quote the URL to protect it from being expanded by
1      your shell.  Globbing makes Wget look for a directory listing,
1      which is system-specific.  This is why it currently works only with
1      Unix FTP servers (and the ones emulating Unix ‘ls’ output).
1 
1 ‘--no-passive-ftp’
1      Disable the use of the “passive” FTP transfer mode.  Passive FTP
1      mandates that the client connect to the server to establish the
1      data connection rather than the other way around.
1 
1      If the machine is connected to the Internet directly, both passive
1      and active FTP should work equally well.  Behind most firewall and
1      NAT configurations passive FTP has a better chance of working.
1      However, in some rare firewall configurations, active FTP actually
1      works when passive FTP doesn’t.  If you suspect this to be the
1      case, use this option, or set ‘passive_ftp=off’ in your init file.
1 
1 ‘--preserve-permissions’
1      Preserve remote file permissions instead of permissions set by
1      umask.
1 
1 ‘--retr-symlinks’
1      By default, when retrieving FTP directories recursively and a
1      symbolic link is encountered, the symbolic link is traversed and
1      the pointed-to files are retrieved.  Currently, Wget does not
1      traverse symbolic links to directories to download them
1      recursively, though this feature may be added in the future.
1 
1      When ‘--retr-symlinks=no’ is specified, the linked-to file is not
1      downloaded.  Instead, a matching symbolic link is created on the
1      local filesystem.  The pointed-to file will not be retrieved unless
1      this recursive retrieval would have encountered it separately and
1      downloaded it anyway.  This option poses a security risk where a
1      malicious FTP Server may cause Wget to write to files outside of
1      the intended directories through a specially crafted .LISTING file.
1 
1      Note that when retrieving a file (not a directory) because it was
1      specified on the command-line, rather than because it was recursed
1      to, this option has no effect.  Symbolic links are always traversed
1      in this case.
1 
1 2.10 FTPS Options
1 =================
1 
1 ‘--ftps-implicit’
1      This option tells Wget to use FTPS implicitly.  Implicit FTPS
1      consists of initializing SSL/TLS from the very beginning of the
1      control connection.  This option does not send an ‘AUTH TLS’
1      command: it assumes the server speaks FTPS and directly starts an
1      SSL/TLS connection.  If the attempt is successful, the session
1      continues just like regular FTPS (‘PBSZ’ and ‘PROT’ are sent,
1      etc.).  Implicit FTPS is no longer a requirement for FTPS
1      implementations, and thus many servers may not support it.  If
1      ‘--ftps-implicit’ is passed and no explicit port number specified,
1      the default port for implicit FTPS, 990, will be used, instead of
1      the default port for the "normal" (explicit) FTPS which is the same
1      as that of FTP, 21.
1 
1 ‘--no-ftps-resume-ssl’
1      Do not resume the SSL/TLS session in the data channel.  When
1      starting a data connection, Wget tries to resume the SSL/TLS
1      session previously started in the control connection.  SSL/TLS
1      session resumption avoids performing an entirely new handshake by
1      reusing the SSL/TLS parameters of a previous session.  Typically,
1      the FTPS servers want it that way, so Wget does this by default.
1      Under rare circumstances however, one might want to start an
1      entirely new SSL/TLS session in every data connection.  This is
1      what ‘--no-ftps-resume-ssl’ is for.
1 
1 ‘--ftps-clear-data-connection’
1      All the data connections will be in plain text.  Only the control
1      connection will be under SSL/TLS. Wget will send a ‘PROT C’ command
1      to achieve this, which must be approved by the server.
1 
1 ‘--ftps-fallback-to-ftp’
1      Fall back to FTP if FTPS is not supported by the target server.
1      For security reasons, this option is not asserted by default.  The
1      default behaviour is to exit with an error.  If a server does not
1      successfully reply to the initial ‘AUTH TLS’ command, or in the
1      case of implicit FTPS, if the initial SSL/TLS connection attempt is
1      rejected, it is considered that such server does not support FTPS.
1