Date: Sat, 5 Apr 1997 18:24:54 -0700 (MST) From: Marc Slemko <marcs@znep.com> To: scott <scott@webnetix.com> Cc: freebsd-isp@freebsd.org Subject: Re: Webserver, htpasswd program. Message-ID: <Pine.BSF.3.95.970405181619.19091A-100000@alive.znep.com> In-Reply-To: <33464FAF.6D77@webnetix.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 5 Apr 1997, scott wrote: > Hi Everyone, > > When I installed the OS, Apache seemed to install fine. However, > how I am putting a .htaccess file on a subtree of web data, and > I can't find the 'htpasswd' program to create a password file. Check the support directory under your Apache source tree; it should be in there. You may have to add -lcrypt to the makefile if you are using an older (erm... not sure if the change to fix this was in the last beta or not) version. > Does anyone know what I should do? Also, could anyone tell me how > to use the UNIX passwd file instead of the one created by htpasswd? Don't. We have had around 4598 patches submitted to add this functionality but there is a reason it is not there. It is a great risk to system security, and the issue is not just one of transmitting cleartext passwords since, after all, they are normally transmitted cleartext anyway. Anyone else who has a web page on the same server can potentially grab a user's password without them knowing. This is bad. The idea is that if you don't know how to add the support yourself (one or two line change) you really can't fairly judge the consequences. You can probably find patches around that will do it, but I strongly recommend against it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.970405181619.19091A-100000>