diff options
Diffstat (limited to 'APACHE_1_3_42/htdocs/manual/programs/htpasswd.html.en')
-rw-r--r-- | APACHE_1_3_42/htdocs/manual/programs/htpasswd.html.en | 174 |
1 files changed, 174 insertions, 0 deletions
diff --git a/APACHE_1_3_42/htdocs/manual/programs/htpasswd.html.en b/APACHE_1_3_42/htdocs/manual/programs/htpasswd.html.en new file mode 100644 index 0000000000..67de07d286 --- /dev/null +++ b/APACHE_1_3_42/htdocs/manual/programs/htpasswd.html.en @@ -0,0 +1,174 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> + +<html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <meta name="generator" content="HTML Tidy, see www.w3.org" /> + + <title>Manual Page: htpasswd - Apache HTTP Server</title> + </head> + <!-- Background white, links blue (unvisited), navy (visited), red (active) --> + + <body bgcolor="#ffffff" text="#000000" link="#0000ff" + vlink="#000080" alink="#ff0000"> + <!--#include virtual="header.html" --> + + <h1 align="center">Manual Page: htpasswd</h1> + <!-- This document was autogenerated from the man page --> +<pre> +<strong>NAME</strong> + htpasswd - Create and update user authentication files + +<strong>SYNOPSIS</strong> + <strong>htpasswd</strong> [ -<strong>c</strong> ] [ -<strong>m</strong> | -<strong>d</strong> | -<strong>s</strong> | -<strong>p</strong> ] <em>passwdfile username</em> + <strong>htpasswd</strong> -<strong>b</strong> [ -<strong>c</strong> ] [ -<strong>m</strong> | -<strong>d</strong> | -<strong>s</strong> | -<strong>p</strong> ] <em>passwdfile username</em> + <em>password</em> + <strong>htpasswd</strong> -<strong>n</strong> [ -<strong>m</strong> | -<strong>d</strong> | -<strong>s</strong> | -<strong>p</strong> ] <em>username</em> + <strong>htpasswd</strong> -<strong>nb</strong> [ -<strong>m</strong> | -<strong>d</strong> | -<strong>s</strong> | -<strong>p</strong> ] <em>username password</em> + +<strong>DESCRIPTION</strong> + <strong>htpasswd</strong> is used to create and update the flat-files used to + store usernames and password for basic authentication of + HTTP users. If <strong>htpasswd</strong> cannot access a file, such as not + being able to write to the output file or not being able to + read the file in order to update it, it returns an error + status and makes no changes. + + Resources available from the <strong>httpd</strong> Apache web server can be + restricted to just the users listed in the files created by + <strong>htpasswd.</strong> This program can only manage usernames and pass- + words stored in a flat-file. It can encrypt and display + password information for use in other types of data stores, + though. To use a DBM database see <strong>dbmmanage</strong>. + + <strong>htpasswd</strong> encrypts passwords using either a version of MD5 + modified for Apache, or the system's <em>crypt</em>() routine. Files + managed by <strong>htpasswd</strong> may contain both types of passwords; + some user records may have MD5-encrypted passwords while + others in the same file may have passwords encrypted with + <em>crypt</em>(). + + This manual page only lists the command line arguments. For + details of the directives necessary to configure user + authentication in <strong>httpd</strong> see the Apache manual, which is part + of the Apache distribution or can be found at + <URL:http://www.apache.org/>. + +<strong>OPTIONS</strong> + -b Use batch mode; <em>i</em>.<em>e</em>., get the password from the command + line rather than prompting for it. <strong>This option should</strong> + <strong>be used with extreme care, since the password is</strong> + <strong>clearly visible on the command line.</strong> + + -c Create the <em>passwdfile</em>. If <em>passwdfile</em> already exists, it + is rewritten and truncated. This option cannot be com- + bined with the <strong>-n</strong> option. + + -n Display the results on standard output rather than + updating a file. This is useful for generating pass- + word records acceptable to Apache for inclusion in + non-text data stores. This option changes the syntax + of the command line, since the <em>passwdfile</em> argument + (usually the first one) is omitted. It cannot be com- + bined with the <strong>-c</strong> option. + + -m Use Apache's modified MD5 algorithm for passwords. + Passwords encrypted with this algorithm are transport- + able to any platform (Windows, Unix, BeOS, et cetera) + running Apache 1.3.9 or later. On Windows and TPF, + this flag is the default. + + -d Use crypt() encryption for passwords. The default on + all platforms but Windows and TPF. Though possibly sup- + ported by <strong>htpasswd</strong> on all platforms, it is not sup- + ported by the <strong>httpd</strong> server on Windows and TPF. + + -s Use SHA encryption for passwords. Faciliates migration + from/to Netscape servers using the LDAP Directory + Interchange Format (ldif). + + -p Use plaintext passwords. Though <strong>htpasswd</strong> will support + creation on all platforms, the <strong>httpd</strong> deamon will only + accept plain text passwords on Windows and TPF. + + <em>passwdfile</em> + Name of the file to contain the user name and password. + If -c is given, this file is created if it does not + already exist, or rewritten and truncated if it does + exist. + + <em>username</em> + The username to create or update in <strong>passwdfile</strong>. If + <em>username</em> does not exist in this file, an entry is + added. If it does exist, the password is changed. + + <em>password</em> + The plaintext password to be encrypted and stored in + the file. Only used with the -<em>b</em> flag. + +<strong>EXIT STATUS</strong> + <strong>htpasswd</strong> returns a zero status ("true") if the username and + password have been successfully added or updated in the + <em>passwdfile</em>. <strong>htpasswd</strong> returns 1 if it encounters some prob- + lem accessing files, 2 if there was a syntax problem with + the command line, 3 if the password was entered interac- + tively and the verification entry didn't match, 4 if its + operation was interrupted, 5 if a value is too long (user- + name, filename, password, or final computed record), and 6 + if the username contains illegal characters (see the <strong>RES-</strong> + <strong>TRICTIONS</strong> section). + +<strong>EXAMPLES</strong> + <strong>htpasswd /usr/local/etc/apache/.htpasswd-users jsmith</strong> + + Adds or modifies the password for user <em>jsmith</em>. The user + is prompted for the password. If executed on a Windows + system, the password will be encrypted using the modi- + fied Apache MD5 algorithm; otherwise, the system's + <em>crypt</em>() routine will be used. If the file does not + exist, <strong>htpasswd</strong> will do nothing except return an error. + + <strong>htpasswd -c /home/doe/public_html/.htpasswd jane</strong> + + Creates a new file and stores a record in it for user + <em>jane</em>. The user is prompted for the password. If the + file exists and cannot be read, or cannot be written, + it is not altered and <strong>htpasswd</strong> will display a message + and return an error status. + + <strong>htpasswd -mb /usr/web/.htpasswd-all jones Pwd4Steve</strong> + + Encrypts the password from the command line (<em>Pwd4Steve</em>) + using the MD5 algorithm, and stores it in the specified + file. + +<strong>SECURITY CONSIDERATIONS</strong> + Web password files such as those managed by <strong>htpasswd</strong> should + <strong>not</strong> be within the Web server's URI space -- that is, they + should not be fetchable with a browser. + + The use of the -<em>b</em> option is discouraged, since when it is + used the unencrypted password appears on the command line. + +<strong>RESTRICTIONS</strong> + On the Windows and MPE platforms, passwords encrypted with + <strong>htpasswd</strong> are limited to no more than 255 characters in + length. Longer passwords will be truncated to 255 charac- + ters. + + The MD5 algorithm used by <strong>htpasswd</strong> is specific to the Apache + software; passwords encrypted using it will not be usable + with other Web servers. + + Usernames are limited to 255 bytes and may not include the + character ':'. + +<strong>SEE ALSO</strong> + <strong>httpd(8)</strong> and the scripts in support/SHA1 which come with the + distribution. + +</pre> + <!--#include virtual="footer.html" --> + </body> +</html> + |