Apache: How to CRYPT password for .htaccess ?

Apache: How to CRYPT password for .htaccess ?

Post by Alfredo Rinal » Tue, 23 Jul 1996 04:00:00



I have problems in limiting access to some subdirectories on my
server.
I tried using no password, leaving blank the pwd field and, giving it
the enabled username, I have access to this directory (otherwise it
fails).
So my problem is in CRYPTing the password to be appended in the file
that stores info about users of groups enabled.

How can I have the password crypted ?
I tried using Unix CRYPT command but it requires a key (obviously).

I would appreciate any suggestion; thanks.

-----
Alfredo Rinaldi
Cap Gemini S.p.a. (Italy)

 
 
 

Apache: How to CRYPT password for .htaccess ?

Post by Magnus Stenma » Tue, 23 Jul 1996 04:00:00



> I have problems in limiting access to some subdirectories on my
> server.
> I tried using no password, leaving blank the pwd field and, giving it
> the enabled username, I have access to this directory (otherwise it
> fails).
> So my problem is in CRYPTing the password to be appended in the file
> that stores info about users of groups enabled.

> How can I have the password crypted ?
> I tried using Unix CRYPT command but it requires a key (obviously).

> I would appreciate any suggestion; thanks.

> -----
> Alfredo Rinaldi
> Cap Gemini S.p.a. (Italy)


Use htpasswd in the support/ dir of the apache distribution

/magnus

 
 
 

Apache: How to CRYPT password for .htaccess ?

Post by Kyler Lai » Tue, 30 Jul 1996 04:00:00


Quote:>>> So my problem is in CRYPTing the password to be appended in the file
>>> that stores info about users of groups enabled.
>>> How can I have the password crypted ?

In case you want to do it without screwing around with (ht)passwd
and manual entry, here's my hacked up version.  Just send the
password on standard input.  (We wouldn't want it in the argv[]
list, would we?)

Obviously, you could rip out the main() and put this in a larger
program.

--kyler

==============

#include <sys/types.h>
#include <stdio.h>
#include <string.h>
#include <sys/signal.h>
#include <stdlib.h>
#include <time.h>

char *crypt(char *pw, char *salt); /* why aren't these prototyped in include */

/* From local_passwd.c (C) Regents of Univ. of California blah blah */
static unsigned char itoa64[] =         /* 0 ... 63 => ascii - 64 */
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

to64(s, v, n)
  register char *s;
  register long v;
  register int n;
{
    while (--n >= 0) {
        *s++ = itoa64[v&0x3f];
        v >>= 6;
    }

Quote:}

char *encrypt(char *pw) {
    char *cpw, salt[3];

    (void)srand((int)time((time_t *)NULL));
    to64(&salt[0],rand(),2);
    return(crypt(pw,salt));

Quote:}

main() {
        char pw[80];
        gets(pw);
        printf("%s", encrypt(pw));
    exit(0);
Quote:}

 
 
 

Apache: How to CRYPT password for .htaccess ?

Post by Mike Creswi » Tue, 30 Jul 1996 04:00:00




>> So my problem is in CRYPTing the password to be appended in the file
>> that stores info about users of groups enabled.
>> How can I have the password crypted ?
>> I would appreciate any suggestion; thanks.

>> -----
>> Alfredo Rinaldi
>> Cap Gemini S.p.a. (Italy)

>Use htpasswd in the support/ dir of the apache distribution
>/magnus

Or, do it the hard way, as I did.

Create a new user and assign a password with PASSWD.
Then edit the new line out of the passwoed file and into a .htpasswd
file.
Of course, you will have to do some work to remove the new user.

Mike Creswick
Practical Software Solutions

Member Association of Online Professionals
Member HTML Writers' Guild