apache - setup of password file without using htpasswd

apache - setup of password file without using htpasswd

Post by Martin » Thu, 31 May 2001 22:39:47



I am trying to setup my username / password file for a folder on my website.
The problem is that I don't have telnet access to my site, and so can't use
htpasswd.

Is it possible to create the .htpasswd file offline, and upload it to my
site via ftp?

I have copied an example from the web to my folder, and although I get the
password entry box, the user / password combination are not accepted.

At this stage, I am not concerned with making the security "bullet proof"
and have stored .htaccess and .htpasswd in the same folder on my site.

In theory, using the following files, and supplying the username/password
combo of fido/bones should allow access to the folder, but this is not the
case.

Here is a copy of my .htaccess file...

AuthUserFile /home/sites/site58/web/martin/.htpasswd
AuthGroupFile /dev/null
AuthName ExampleByPassword
AuthType Basic
<Limit GET>
require user fido
</Limit>

Here is a copy of my .htpasswd file...

fido:h5HhgnhegqFIw

 
 
 

apache - setup of password file without using htpasswd

Post by daltri » Fri, 01 Jun 2001 00:52:47


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello MartinT,


Quote:> I am trying to setup my username / password file for a folder on my
> website. The problem is that I don't have telnet access to my site,
> and so can't use htpasswd.

> Is it possible to create the .htpasswd file offline, and upload it
> to my site via ftp?

Yes, go to http://www.hwired.com/tools/makepass.shtml
and fill in your username / password that you want encrypted.  Then
copy
the output to your .htpasswd file and upload it.

Quote:

> I have copied an example from the web to my folder, and although I
> get the password entry box, the user / password combination are not
> accepted.

> At this stage, I am not concerned with making the security "bullet
> proof" and have stored .htaccess and .htpasswd in the same folder
> on my site.

> In theory, using the following files, and supplying the
> username/password combo of fido/bones should allow access to the
> folder, but this is not the case.

> Here is a copy of my .htaccess file...

> AuthUserFile /home/sites/site58/web/martin/.htpasswd
> AuthGroupFile /dev/null
> AuthName ExampleByPassword
> AuthType Basic
> <Limit GET>
> require user fido
> </Limit>

> Here is a copy of my .htpasswd file...

> fido:h5HhgnhegqFIw

make sure you move your .htpasswd file to a directory that is not
accessible
via http after you get his going.

here is the username:password encryption for the following login and
pass you specified in your email.

Username: fido Password: bones
fido:aeumx.volNhyY

Have Fun!
daltrix

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBOxUXTI/YDJw8ysF7EQIZAwCgnScaDL/mbgD5L0WB20SJxNVVG84AoPG4
GYRvC2ZKocvotgO1UvnjMRxv
=Scc6
-----END PGP SIGNATURE-----

 
 
 

apache - setup of password file without using htpasswd

Post by Martin » Fri, 01 Jun 2001 01:50:28


daltrix,

Thanks for your reply - I still have the same problem that my
username/password combo don't work - have you any other suggestions?
otherwise, I will have to assume that my isp is to blame.

Regards,

Martin


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1

> Hello MartinT,



> > I am trying to setup my username / password file for a folder on my
> > website. The problem is that I don't have telnet access to my site,
> > and so can't use htpasswd.

> > Is it possible to create the .htpasswd file offline, and upload it
> > to my site via ftp?

> Yes, go to http://www.hwired.com/tools/makepass.shtml
> and fill in your username / password that you want encrypted.  Then
> copy
> the output to your .htpasswd file and upload it.

> > I have copied an example from the web to my folder, and although I
> > get the password entry box, the user / password combination are not
> > accepted.

> > At this stage, I am not concerned with making the security "bullet
> > proof" and have stored .htaccess and .htpasswd in the same folder
> > on my site.

> > In theory, using the following files, and supplying the
> > username/password combo of fido/bones should allow access to the
> > folder, but this is not the case.

> > Here is a copy of my .htaccess file...

> > AuthUserFile /home/sites/site58/web/martin/.htpasswd
> > AuthGroupFile /dev/null
> > AuthName ExampleByPassword
> > AuthType Basic
> > <Limit GET>
> > require user fido
> > </Limit>

> > Here is a copy of my .htpasswd file...

> > fido:h5HhgnhegqFIw

> make sure you move your .htpasswd file to a directory that is not
> accessible
> via http after you get his going.

> here is the username:password encryption for the following login and
> pass you specified in your email.

> Username: fido Password: bones
> fido:aeumx.volNhyY

> Have Fun!
> daltrix

> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

> iQA/AwUBOxUXTI/YDJw8ysF7EQIZAwCgnScaDL/mbgD5L0WB20SJxNVVG84AoPG4
> GYRvC2ZKocvotgO1UvnjMRxv
> =Scc6
> -----END PGP SIGNATURE-----

 
 
 

apache - setup of password file without using htpasswd

Post by Michael Heimin » Fri, 01 Jun 2001 06:04:31



> daltrix,

> Thanks for your reply - I still have the same problem that my
> username/password combo don't work - have you any other suggestions?
> otherwise, I will have to assume that my isp is to blame.

Nope, the admins probably did a good job and did put
"AllowOverride None" in the right position in httpd.conf, case they
are really using apache.

You should ask you ISP, if it's possible for you to use .htaccess.

Good luck

Michael Heiming

 
 
 

apache - setup of password file without using htpasswd

Post by Oleg Letsinsk » Mon, 04 Jun 2001 22:22:30


Wed, 30 May 2001 14:39:47 +0100, MartinT  to All:

Quote:> Here is a copy of my .htaccess file...
> AuthUserFile /home/sites/site58/web/martin/.htpasswd
> AuthGroupFile /dev/null
> AuthName ExampleByPassword
> AuthType Basic
> <Limit GET>
> require user fido

          ^^^^^^^^
Change this to  "require valid-user"
Quote:> </Limit>

and ensure that your .htpasswd is readable by the "apache" user (or
whatever user your httpd uses).

--
  May the bluebird of happiness twiddle your bits.

 
 
 

1. Can I create an .htpasswd file without using the htpassword command?

I have a problem.  I want to create an .htpasswd file on my web server
to protect certain directories, but I don't have telnet, therefore I
can't use the htpasswd -c command!  I was wondering if I could call
this command from a CGI script and it would work...or am I pretty much
screwed?  Thanks for any help!!

--
R.Joseph
http://www.24-7design.com
http://bowdown.to

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

2. Multi Headed (Screend) kde.

3. user-password file permission of htpasswd - apache

4. 2.6.3 GCC for a Pentium

5. Apache htpasswd won't append to password file

6. Default background picture for X

7. Protect files with password ... without the password

8. knode posting gobldegook error message

9. How to generate password text for .htpasswd on Apache

10. Apache: Parsing XSSI files without using HTTP

11. User authentication using UNIX password file with Apache

12. Using linux .htpasswd file in bsd

13. apache: dbm and combined htpasswd/htgroup files