htpasswd(1) - phpMan

Command: man perldoc info search(apropos)  

HTPASSWD(1)                                  htpasswd                                 HTPASSWD(1)



NAME
       htpasswd - Manage user files for basic authentication


SYNOPSIS
       htpasswd [ -c ] [ -m ] [ -D ] passwdfile username


       htpasswd -b [ -c ] [ -m | -d | -p | -s ] [ -D ] passwdfile username password


       htpasswd -n [ -m | -d | -s | -p ] username


       htpasswd -nb [ -m | -d | -s | -p ] username password



SUMMARY
       htpasswd  is used to create and update the flat-files used to store usernames and password
       for basic authentication of HTTP users. If htpasswd cannot access  a  file,  such  as  not
       being  able  to  write  to  the output file or not being able to read the file in order to
       update it, it returns an error status and makes no changes.


       Resources available from the Apache HTTP server can be restricted to just the users listed
       in  the  files  created  by htpasswd. This program can only manage usernames and passwords
       stored in a flat-file. It can encrypt and display password information for  use  in  other
       types of data stores, though. To use a DBM database see dbmmanage.


       htpasswd encrypts passwords using either a version of MD5 modified for Apache, or the sys-
       tem's crypt() routine. Files managed by htpasswd may contain both types of passwords; some
       user records may have MD5-encrypted passwords while others in the same file may have pass-
       words encrypted with crypt().


       This manual page only lists the command line arguments. For details of the directives nec-
       essary  to  configure user authentication in httpd see the Apache manual, which is part of
       the Apache distribution or can be found at http://httpd.apache.org/.



OPTIONS
       -b     Use batch mode; i.e., get the password from the command line rather than  prompting
              for it. This option should be used with extreme care, since the password is clearly
              visible on the command line.

       -c     Create the passwdfile. If passwdfile already exists, it is rewritten and truncated.
              This option cannot be combined with the -n option.

       -n     Display  the results on standard output rather than updating a file. This is useful
              for generating password records acceptable to Apache for inclusion in non-text data
              stores.  This  option  changes the syntax of the command line, since the passwdfile
              argument (usually the first one) is omitted. It cannot  be  combined  with  the  -c
              option.

       -m     Use MD5 encryption for passwords. On Windows, Netware and TPF, this is the default.

       -d     Use crypt() encryption for passwords. The default on  all  platforms  but  Windows,
              Netware  and TPF. Though possibly supported by htpasswd on all platforms, it is not
              supported by the httpd server on Windows, Netware and TPF.

       -s     Use SHA encryption for passwords. Facilitates migration  from/to  Netscape  servers
              using the LDAP Directory Interchange Format (ldif).

       -p     Use  plaintext  passwords.  Though htpasswd will support creation on all platforms,
              the httpd daemon will only accept plain text passwords on Windows, Netware and TPF.

       -D     Delete  user.  If  the  username  exists in the specified htpasswd file, it will be
              deleted.

       passwdfile
              Name of the file to contain the user name and password. If -c is given,  this  file
              is  created  if  it  does  not already exist, or rewritten and truncated if it does
              exist.

       username
              The username to create or update in passwdfile. If username does not exist in  this
              file, an entry is added. If it does exist, the password is changed.

       password
              The  plaintext  password to be encrypted and stored in the file. Only used with the
              -b flag.


EXIT STATUS
       htpasswd returns a zero status ("true") if the username and password  have  been  success-
       fully added or updated in the passwdfile. htpasswd returns 1 if it encounters some problem
       accessing files, 2 if there was a syntax problem with the command line, 3 if the  password
       was  entered interactively and the verification entry didn't match, 4 if its operation was
       interrupted, 5 if a value is too long (username, filename,  password,  or  final  computed
       record), 6 if the username contains illegal characters (see the Restrictions section), and
       7 if the file is not a valid password file.


EXAMPLES
             htpasswd /usr/local/etc/apache/.htpasswd-users jsmith



       Adds or modifies the password for user jsmith. The user is prompted for the  password.  If
       executed on a Windows system, the password will be encrypted using the modified Apache MD5
       algorithm; otherwise, the system's crypt() routine will be used.  If  the  file  does  not
       exist, htpasswd will do nothing except return an error.


             htpasswd -c /home/doe/public_html/.htpasswd jane



       Creates  a  new file and stores a record in it for user jane. The user is prompted for the
       password. If the file exists and cannot be read, or cannot be written, it is  not  altered
       and htpasswd will display a message and return an error status.


             htpasswd -mb /usr/web/.htpasswd-all jones Pwd4Steve



       Encrypts  the  password  from  the  command  line (Pwd4Steve) using the MD5 algorithm, and
       stores it in the specified file.


SECURITY CONSIDERATIONS
       Web password files such as those managed by htpasswd should not be within the Web server's
       URI space -- that is, they should not be fetchable with a browser.


       This program is not safe as a setuid executable. Do not make it setuid.


       The  use  of  the -b option is discouraged, since when it is used the unencrypted password
       appears on the command line.


       When using the crypt() algorithm, note that only the first 8 characters  of  the  password
       are  used  to  form the password. If the supplied password is longer, the extra characters
       will be silently discarded.


       The SHA encryption format does not use salting: for a given password, there  is  only  one
       encrypted  representation.  The  crypt()  and  MD5  formats  permute the representation by
       prepending a random salt string, to make dictionary attacks  against  the  passwords  more
       difficult.


RESTRICTIONS
       On the Windows and MPE platforms, passwords encrypted with htpasswd are limited to no more
       than 255 characters in length. Longer passwords will be truncated to 255 characters.


       The MD5 algorithm used by htpasswd is specific to the Apache software; passwords encrypted
       using it will not be usable with other Web servers.


       Usernames are limited to 255 bytes and may not include the character :.




Apache HTTP Server                          2007-04-24                                HTPASSWD(1)

Generated by $Id: phpMan.php,v 4.49 2006/02/26 13:18:18 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2012-05-26 00:05 @38.107.179.236 Crawled by CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
Valid XHTML 1.0!Valid CSS!