httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Jones" <b...@fccj.org>
Subject Re: encrypting passwords
Date Thu, 18 Mar 1999 03:54:04 GMT
You should use https (SSL) for sending passwords, etc.

Also, you could use the Expect development
system ( see http://expect.nist.gov )
or you could do something in perl like -

#!perl

use Net::Telnet;
$obj = new Net::Telnet (Timeout => 10,
                      Prompt => '/\% $/');
$obj->open("localhost");
$obj->login('user', 'oldpswd');

# Example passwd session prompts:
# Enter login password:
# New password:
# Re-enter new password:
# [8:56pm] 100 [/drv3/home/staff/bill/perl]:astro%

$ok = $obj->cmd(String   => '/bin/passwd',
                Prompt  => '/Enter login password/',
                Timeout => 10);

$ok = $obj->cmd(String   => 'oldpswd',
                Prompt  => '/New password:/',
                Timeout => 10);

$ok = $obj->cmd(String   => 'newpswd',
                Prompt  => '/Re-enter new password:/',
                Timeout => 10);

$ok = $obj->cmd(String   => 'newpswd',
                Prompt  => '/\% $/',
                Timeout => 10);
exit;


But this has gone way off Apache topics, so ...
________________________________________________________________________
Bill Jones  |  FCCJ Webmaster  |  http://www.fccj.org/cgi/mail?webmaster
FCCJ  |  501 W State St  |  Jacksonville, FL 32202  |  1 (904) 632-3089

         Jacksonville Perl Mongers
         http://jacksonville.pm.org
         jax@jacksonville.pm.org

----------
>From: "Charles Sliger" <chaz@reliant.com>
>To: new-httpd@apache.org
>Subject: Re: encrypting passwords
>Date: Wed, Mar 17, 1999, 7:39 PM
>

> Now that I've taken a look at the man page for htpasswd,
> I'm not sure I can use it in a script.  It's apparently
> hardwired for interactive use.
> -chaz
> 

Mime
View raw message