Written by Jerry McAllister on 07/07/08 10:26>> > On Mon, Jul 07, 2008 at 02:18:49PM +0200, Jos Chrispijn wrote: > >> I ran into a problem last night that I was able to solve, but generated a >> question: >> >> I have this hosting provider (uses Debian OS) on which I can't use htpasswd >> to generate user and password to protect a single file. > > Probably was not in your path. You may have to find out where it > is and add that directory to your path or use the full pathname when > invoking it. > > >> To have this done I solved it as follows: did a htpasswd on my own server >> (FreeBSD 7) and simply copied the file with the user:password (scrambled) to >> my home directory I have with this hosting provider and referred in the >> .htaccess to it. And now comes the fun stuff: it worked without probs. >> >> >> So the algorithm that is used on FreeBSD to scramble a user password is the >> same as it is used by Debian? Isn't that a security gap? > > That is something done by Apache and is common to all implementations > unless you change it. I never looked, but I think it uses one of > the commonly use encryption algorithms, maybe even the same one > used for regular passwords. > > > ////jerry > >
In fact it's either an Apache adaptation of MD5, SHA, plaintext, or the system's crypt(). The encryption mechanism can be specified per-user with the m,d,s, and p flags. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
