This question about using cURL with a username and password has suboptimal answers for me:
curl -u "user:pw" https://example.com puts the pw in the process listcurl "https://user:pw@example.com" puts the pw in the process listcurl -u "user:$(cat ~/.passwd)" https://example.com puts the pw in the process listcurl -u user https://example.com prompts for the pwcurl --netrc-file ~/.netrc https://example.com requires a file#4 is secure, but I might run this command hundreds of times a day, so it's tedious. #5 is close to secure, but that file could be read by somebody with root access.
The cURL man page says (note the bold text):
-u/--user <user:password>Specify the user name and password to use for server authentication. Overrides
-n/--netrcand--netrc-optional.If you just give the user name (without entering a colon) curl will prompt for a password.
If you use an SSPI-enabled curl binary and do NTLM authentication, you can force curl to pick up the user name and password from your environment by simply specifying a single colon with this option:
-u :.
I've tried setting $USER and $PASSWORD (and $CURLOPT_PASSWORD and others) in the environment, but cURL doesn't pick up either of them when invoked as curl -u : https://example.com (nor does it work without the -u :).
I'm not doing NTLM, so this doesn't work. Unless I'm missing something.
Is there a way to pass credentials to curl solely through the environment?
(Workaround moved to an answer)
As of curl 8.3.0, variables were added. This allows you to import variables from the environment and use them to expand various command line options.
Example:
export userpwd=AzureDiamond:hunter2
curl --variable %userpwd --expand-user {{userpwd}} --url https://example.com