Blame: htpasswd(1) - Waikato Linux Users Group

Annotated edit history of htpasswd(1) version 1 showing authors affecting page license. View with all changes included.

Rev	Author	#	Line
1	perry	1	`htpasswd`
		2	`!!!htpasswd`
		3	`NAME`
		4	`SYNOPSIS`
		5	`DESCRIPTION`
		6	`OPTIONS`
		7	`EXIT STATUS`
		8	`EXAMPLES`
		9	`SECURITY CONSIDERATIONS`
		10	`RESTRICTIONS`
		11	`SEE ALSO`
		12	`----`
		13	`!!NAME`
		14
		15
		16	`htpasswd - Create and update user authentication files`
		17	`!!SYNOPSIS`
		18
		19
		20	`__htpasswd__ [[ __-c__ ] [[ __-m__ \| __-d__ \|`
		21	`__-s__ \| __-p__ ] ''passwdfile username''__`
		22	`htpasswd -b__ [[ __-c__ ] [[ __-m__ \| __-d__ \|`
		23	`__-s__ \| __-p__ ] ''passwdfile username`
		24	`password''__`
		25	`htpasswd -n__ [[ __-m__ \| __-d__ \| __-s__ \|`
		26	`__-p__ ] ''username''__`
		27	`htpasswd -nb__ [[ __-m__ \| __-d__ \| __-s__ \|`
		28	`__-p__ ] ''username password''`
		29	`!!DESCRIPTION`
		30
		31
		32	`__htpasswd__ is used to create and update the flat-files`
		33	`used to store usernames and password for basic`
		34	`authentication of HTTP users. If __htpasswd__ cannot`
		35	`access a file, such as not being able to write to the output`
		36	`file or not being able to read the file in order to update`
		37	`it, it returns an error status and makes no`
		38	`changes.`
		39
		40
		41	`Resources available from the __apache__ Apache web server`
		42	`can be restricted to just the users listed in the files`
		43	`created by __htpasswd.__ This program can only manage`
		44	`usernames and passwords stored in a flat-file. It can`
		45	`encrypt and display password information for use in other`
		46	`types of data stores, though. To use a DBM database see`
		47	`__dbmmanage__.`
		48
		49
		50	`__htpasswd__ encrypts passwords using either a version of`
		51	`MD5 modified for Apache, or the system's ''crypt()''`
		52	`routine. Files managed by __htpasswd__ may contain both`
		53	`types of passwords; some user records may have MD5-encrypted`
		54	`passwords while others in the same file may have passwords`
		55	`encrypted with ''crypt()''.`
		56
		57
		58	`This manual page only lists the command line arguments. For`
		59	`details of the directives necessary to configure user`
		60	`authentication in __apache__ see the Apache manual, which`
		61	`is part of the Apache distribution or can be found at`
		62	`__`
		63	`!!OPTIONS`
		64
		65
		66	`-b`
		67
		68
		69	`Use batch mode; ''i.e.'', get the password from the`
		70	`command line rather than prompting for it. __This option`
		71	`should be used with extreme care, since the password is`
		72	`clearly visible on the command line.__`
		73
		74
		75	`-c`
		76
		77
		78	`Create the ''passwdfile''. If ''passwdfile'' already`
		79	`exists, it is rewritten and truncated. This option cannot be`
		80	`combined with the __-n__ option.`
		81
		82
		83	`-n`
		84
		85
		86	`Display the results on standard output rather than updating`
		87	`a file. This is useful for generating password records`
		88	`acceptable to Apache for inclusion in non-text data stores.`
		89	`This option changes the syntax of the command line, since`
		90	`the ''passwdfile'' argument (usually the first one) is`
		91	`omitted. It cannot be combined with the __-c__`
		92	`option.`
		93
		94
		95	`-m`
		96
		97
		98	`Use Apache's modified MD5 algorithm for passwords. Passwords`
		99	`encrypted with this algorithm are transportable to any`
		100	`platform (Windows, Unix, BeOS, et cetera) running Apache`
		101	`1.3.9 or later. On Windows and TPF, this flag is the`
		102	`default.`
		103
		104
		105	`-d`
		106
		107
		108	`Use crypt() encryption for passwords. The default on all`
		109	`platforms but Windows and TPF. Though possibly supported by`
		110	`__htpasswd__ on all platforms, it is not supported by the`
		111	`__apache__ server on Windows and TPF.`
		112
		113
		114	`-s`
		115
		116
		117	`Use SHA encryption for passwords. Faciliates migration`
		118	`from/to Netscape servers using the LDAP Directory`
		119	`Interchange Format (ldif).`
		120
		121
		122	`-p`
		123
		124
		125	`Use plaintext passwords. Though __htpasswd__ will support`
		126	`creation on all platforms, the __apache__ deamon will`
		127	`only accept plain text passwords on Windows and`
		128	`TPF.`
		129
		130
		131	`''passwdfile''`
		132
		133
		134	`Name of the file to contain the user name and password. If`
		135	`-c is given, this file is created if it does not already`
		136	`exist, or rewritten and truncated if it does`
		137	`exist.`
		138
		139
		140	`''username''`
		141
		142
		143	`The username to create or update in __passwdfile__. If`
		144	`''username'' does not exist in this file, an entry is`
		145	`added. If it does exist, the password is`
		146	`changed.`
		147
		148
		149	`''password''`
		150
		151
		152	`The plaintext password to be encrypted and stored in the`
		153	`file. Only used with the ''-b'' flag.`
		154	`!!EXIT STATUS`
		155
		156
		157	`__htpasswd__ returns a zero status (`
		158	`__passwdfile''. __htpasswd__ returns 1`
		159	`if it encounters some problem accessing files, 2 if there`
		160	`was a syntax problem with the command line, 3 if the`
		161	`password was entered interactively and the verification`
		162	`entry didn't match, 4 if its operation was interrupted, 5 if`
		163	`a value is too long (username, filename, password, or final`
		164	`computed record), and 6 if the username contains illegal`
		165	`characters (see the __RESTRICTIONS__`
		166	`section).`
		167	`!!EXAMPLES`
		168
		169
		170	`__htpasswd /usr/local/etc/apache/.htpasswd-users`
		171	`jsmith__`
		172
		173
		174	`Adds or modifies the password for user ''jsmith''. The`
		175	`user is prompted for the password. If executed on a Windows`
		176	`system, the password will be encrypted using the modified`
		177	`Apache MD5 algorithm; otherwise, the system's ''crypt()''`
		178	`routine will be used. If the file does not exist,`
		179	`__htpasswd__ will do nothing except return an`
		180	`error.`
		181
		182
		183	`__htpasswd -c /home/doe/public_html/.htpasswd`
		184	`jane__`
		185
		186
		187	`Creates a new file and stores a record in it for user`
		188	`''jane''. The user is prompted for the password. If the`
		189	`file exists and cannot be read, or cannot be written, it is`
		190	`not altered and __htpasswd__ will display a message and`
		191	`return an error status.`
		192
		193
		194	`__htpasswd -mb /usr/web/.htpasswd-all jones`
		195	`Pwd4Steve__`
		196
		197
		198	`Encrypts the password from the command line`
		199	`(''Pwd4Steve'') using the MD5 algorithm, and stores it in`
		200	`the specified file.`
		201	`!!SECURITY CONSIDERATIONS`
		202
		203
		204	`Web password files such as those managed by __htpasswd__`
		205	`should __not__ be within the Web server's URI space --`
		206	`that is, they should not be fetchable with a`
		207	`browser.`
		208
		209
		210	`The use of the ''-b'' option is discouraged, since when`
		211	`it is used the unencrypted password appears on the command`
		212	`line.`
		213	`!!RESTRICTIONS`
		214
		215
		216	`On the Windows and MPE platforms, passwords encrypted with`
		217	`__htpasswd__ are limited to no more than 255 characters`
		218	`in length. Longer passwords will be truncated to 255`
		219	`characters.`
		220
		221
		222	`The MD5 algorithm used by __htpasswd__ is specific to the`
		223	`Apache software; passwords encrypted using it will not be`
		224	`usable with other Web servers.`
		225
		226
		227	`Usernames are limited to 255 bytes and may not include the`
		228	`character ':'.`
		229	`!!SEE ALSO`
		230
		231
		232	`__apache(8)__ and the scripts in support/SHA1 which come`
		233	`with the distribution.`
		234	`----`

This page is a man page (or other imported legacy content). We are unable to automatically determine the license status of this page.

Last edited on Monday, June 3, 2002 6:50:21 pm by "perry"

Edit PageHistory Diff Info LikePages