httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maxwell Bottiger <>
Subject [users@httpd] sha1 encryption use in .htaccess
Date Wed, 25 Feb 2004 21:14:06 GMT
	I want to protect some directories on my web server.  I'm using 
Apache 2.0.40 on Fedora Core 1.  For some time I've been using a few perl 
modules that authenticate based on a password file created by htpasswd.  I 
haven't used .htaccess files before for restrictions and up until now I 
haven't had any problems either.
	Now I'm using a .htaccess file that looks like this:

AuthUserFile /usr/local/etc/httpd/passwd
AuthGroupFile /dev/null
AuthName Library
AuthType Basic
require valid-user

Pretty simple right?  Well, it almost works.  If I create a little local 
password file to test with and set all the passwords in it to 'crypt' 
style encryption then logins work.  However, my main web password file 
isn't stored in crypt format.  Everything in it is in sha1 format and was 
generated with htpasswd -s.

I REALLY don't want to change my password format, and it only makes sense 
that htpasswd creates only passwords that apache is capbable of reading.  
So how do I do it?

-Maxwell Bottiger

If at first you don't succeed, redefine success.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message