Could not find much info about how fetch authenticates.
So if I had a https server running nginx with basic auth configured.
And someone was trying to man-in-the-middle one of our routers.
Using wireshark or similar would they be able to sniff out the password.
Assuming the P/W is safe, if they configured a local dsn matching our server url and a fileserver w/o authentication would fetch pull a file if configured to use authentication?
Other then checking certs (were are tryng to find a way to deal with a cert/crl going bad) is there anyway to ensure it will only fetch files from our server?
Amusing the PW is safe I was thinking you could verify a secondary password before executing.