Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.mel.connect.com.au!news.mira.net.au!inquo!in-news.erinet.com!ddsw1!news.mcs.net!www.nntp.primenet.com!nntp.primenet.com!hunter.premier.net!news1.erols.com!news From: Ken Bigelow <kbigelow@www.play-hookey.com> Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Getting 'htpasswd' to work w/Apache & FreeBSD Date: Fri, 20 Sep 1996 16:01:18 +0000 Organization: Erol's Internet Services Lines: 37 Message-ID: <3242BFCE.2E7F@www.play-hookey.com> References: <32425F5F.3DD7@digicity.net> Reply-To: kbigelow@www.play-hookey.com NNTP-Posting-Host: kenjb05.play-hookey.com Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 3.0 (Win16; U) Damien Thorn wrote: > > We've operated the Apache httpd on FreeBSD for more than a year > without problem. A client now needs to implement authentication to > several subdirectories, so we upgraded the the latest version of > Apache and compiled the HTPASSWD program to generate password files > for authentication. > > However, we keep getting errors of "Password Mismatch." > > In browsing some archives, I noted potential problems between DES and > MD5 encryption. The server runs FreeBSD with MD5 (I assume), and > the copy of Apache we compiled came from the freebsd.org ports > collection and I assume is therefore patched appropriately. > > We included -lcrypt as an extra lib when we compiled the htpasswd > binary as well. > > Any clues or suggestions? (Thanks in advance!) > Try this (which is what I did): Recompile apache and include the module on dbm databases. (Not essential, but very desirable if you want to handle lots of users without long linear name searches.) Then use the dbmmanage utility provided with apache to manipulate the dbm files. I put my dbm files into a new directory of /www (as opposed to apache's /usr/local/www path), so they can't be accessed by browsers, but can be specified in the .htaccess files and accessed for authentication. Note that the web access passwords are totally separate from the system login passwords, and should remain so. -- Ken Are you interested in | byte-sized education | http://www.play-hookey.com over the Internet? |