I think the simplest thing to do is to use http and a secured directory. I do this all the time, then tell anyone to point a browser (or wget from the command line) to the secure directory and type in user/pass. You could write a perl one-liner with LWP::Simple to do this fairly easily.

The apache docs explain this fairly obtusely, so I just use this file in the secured directory:

# .htaccess
AuthUserFile /path/to/.htpasswd
AuthGroupFile /dev/null
AuthName "Secure Access"
AuthType Basic

<LIMIT GET>
require valid-user
</LIMIT>
[download]

and use the htpasswd command to generate the .htpasswd file. The .htpasswd file can be somewhere outside of the web hierarchy for security. This provides some security but is far from perfect; access it over https (although we know that's not perfect either, it's better than http)

Hope that helps,
SSF