mirror of
https://github.com/apache/httpd.git
synced 2025-08-26 05:42:34 +03:00
change the format slightly. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87875 13f79535-47bb-0310-9956-ffa450edef68
161 lines
7.9 KiB
HTML
161 lines
7.9 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
|
|
<html>
|
|
<head><title>Manual Page: htpasswd - Apache HTTP Server</title></head>
|
|
<body bgcolor="#ffffff" text="#000000" link="#0000ff"
|
|
vlink="#000080" alink="#ff0000">
|
|
<!--#include virtual="header.html" -->
|
|
<h1 align="center">Manual Page: htpasswd</h1>
|
|
<!-- This document was autogenerated from the man page -->
|
|
<pre>
|
|
<strong>NAME</strong>
|
|
htpasswd - Create and update user authentication files
|
|
|
|
<strong>SYNOPSIS</strong>
|
|
<strong>htpasswd </strong>[ -<strong>c </strong>] [ -<strong>m </strong>] <em>passwdfile username</em>
|
|
<strong>htpasswd </strong>-<strong>b </strong>[ -<strong>c </strong>] [ -<strong>m </strong>| -<strong>d </strong>| -<strong>p </strong>| -<strong>s </strong>] <em>passwdfile username</em>
|
|
<em>password</em>
|
|
<strong>htpasswd </strong>-<strong>n </strong>[ -<strong>m </strong>| -<strong>d </strong>| -<strong>s </strong>| -<strong>p </strong>] <em>username</em>
|
|
<strong>htpasswd </strong>-<strong>nb </strong>[ -<strong>m </strong>| -<strong>d </strong>| -<strong>s </strong>| -<strong>p </strong>] <em>username password</em>
|
|
|
|
<strong>DESCRIPTION</strong>
|
|
<strong>htpasswd </strong>is used to create and update the flat-files used to
|
|
store usernames and password for basic authentication of
|
|
HTTP users. If <strong>htpasswd </strong>cannot access a file, such as not
|
|
being able to write to the output file or not being able to
|
|
read the file in order to update it, it returns an error
|
|
status and makes no changes.
|
|
|
|
Resources available from the <strong>httpd </strong>Apache web server can be
|
|
restricted to just the users listed in the files created by
|
|
<strong>htpasswd. </strong>This program can only manage usernames and pass-
|
|
words stored in a flat-file. It can encrypt and display
|
|
password information for use in other types of data stores,
|
|
though. To use a DBM database see <strong>dbmmanage</strong>.
|
|
|
|
<strong>htpasswd </strong>encrypts passwords using either a version of MD5
|
|
modified for Apache, or the system's <em>crypt</em>() routine. Files
|
|
managed by <strong>htpasswd </strong>may contain both types of passwords;
|
|
some user records may have MD5-encrypted passwords while
|
|
others in the same file may have passwords encrypted with
|
|
<em>crypt</em>().
|
|
|
|
This manual page only lists the command line arguments. For
|
|
details of the directives necessary to configure user
|
|
authentication in <strong>httpd </strong>see the Apache manual, which is part
|
|
of the Apache distribution or can be found at
|
|
<URL:http://www.apache.org/>.
|
|
|
|
<strong>OPTIONS</strong>
|
|
-b Use batch mode; <em>i</em>.<em>e</em>., get the password from the command
|
|
line rather than prompting for it. <strong>This option should</strong>
|
|
<strong>be used with extreme care, since the password is</strong>
|
|
<strong>clearly visible on the command line.</strong>
|
|
|
|
-c Create the <em>passwdfile</em>. If <em>passwdfile </em>already exists, it
|
|
is rewritten and truncated. This option cannot be com-
|
|
bined with the <strong>-n </strong>option.
|
|
|
|
-n Display the results on standard output rather than
|
|
updating a file. This is useful for generating pass-
|
|
word records acceptable to Apache for inclusion in
|
|
non-text data stores. This option changes the syntax
|
|
of the command line, since the <em>passwdfile </em>argument
|
|
(usually the first one) is omitted. It cannot be com-
|
|
bined with the <strong>-c </strong>option.
|
|
|
|
-m Use MD5 encryption for passwords. On Windows and TPF,
|
|
this is the default.
|
|
|
|
-d Use crypt() encryption for passwords. The default on
|
|
all platforms but Windows and TPF. Though possibly sup-
|
|
ported by <strong>htpasswd </strong>on all platforms, it is not sup-
|
|
ported by the <strong>httpd </strong>server on Windows and TPF.
|
|
|
|
-s Use SHA encryption for passwords. Facilitates migration
|
|
from/to Netscape servers using the LDAP Directory
|
|
Interchange Format (ldif).
|
|
|
|
-p Use plaintext passwords. Though <strong>htpasswd </strong>will support
|
|
creation on all platforms, the <strong>httpd </strong>daemon will only
|
|
accept plain text passwords on Windows and TPF.
|
|
|
|
<em>passwdfile</em>
|
|
Name of the file to contain the user name and password.
|
|
If -c is given, this file is created if it does not
|
|
already exist, or rewritten and truncated if it does
|
|
exist.
|
|
|
|
<em>username</em>
|
|
The username to create or update in <strong>passwdfile</strong>. If
|
|
<em>username </em>does not exist in this file, an entry is
|
|
added. If it does exist, the password is changed.
|
|
|
|
<em>password</em>
|
|
The plaintext password to be encrypted and stored in
|
|
the file. Only used with the -<em>b </em>flag.
|
|
|
|
<strong>EXIT STATUS</strong>
|
|
<strong>htpasswd </strong>returns a zero status ("true") if the username and
|
|
password have been successfully added or updated in the
|
|
<em>passwdfile</em>. <strong>htpasswd </strong>returns 1 if it encounters some prob-
|
|
lem accessing files, 2 if there was a syntax problem with
|
|
the command line, 3 if the password was entered interac-
|
|
tively and the verification entry didn't match, 4 if its
|
|
operation was interrupted, 5 if a value is too long (user-
|
|
name, filename, password, or final computed record), and 6
|
|
if the username contains illegal characters (see the <strong>RES-</strong>
|
|
<strong>TRICTIONS </strong>section).
|
|
|
|
<strong>EXAMPLES</strong>
|
|
<strong>htpasswd /usr/local/etc/apache/.htpasswd-users jsmith</strong>
|
|
|
|
Adds or modifies the password for user <em>jsmith</em>. The user
|
|
is prompted for the password. If executed on a Windows
|
|
system, the password will be encrypted using the modi-
|
|
fied Apache MD5 algorithm; otherwise, the system's
|
|
<em>crypt</em>() routine will be used. If the file does not
|
|
exist, <strong>htpasswd </strong>will do nothing except return an error.
|
|
|
|
<strong>htpasswd -c /home/doe/public_html/.htpasswd jane</strong>
|
|
|
|
Creates a new file and stores a record in it for user
|
|
<em>jane</em>. The user is prompted for the password. If the
|
|
file exists and cannot be read, or cannot be written,
|
|
it is not altered and <strong>htpasswd </strong>will display a message
|
|
and return an error status.
|
|
|
|
<strong>htpasswd -mb /usr/web/.htpasswd-all jones Pwd4Steve</strong>
|
|
|
|
Encrypts the password from the command line (<em>Pwd4Steve</em>)
|
|
using the MD5 algorithm, and stores it in the specified
|
|
file.
|
|
|
|
<strong>SECURITY CONSIDERATIONS</strong>
|
|
Web password files such as those managed by <strong>htpasswd </strong>should
|
|
<strong>not </strong>be within the Web server's URI space -- that is, they
|
|
should not be fetchable with a browser.
|
|
|
|
The use of the -<em>b </em>option is discouraged, since when it is
|
|
used the unencrypted password appears on the command line.
|
|
|
|
<strong>RESTRICTIONS</strong>
|
|
On the Windows and MPE platforms, passwords encrypted with
|
|
<strong>htpasswd </strong>are limited to no more than 255 characters in
|
|
length. Longer passwords will be truncated to 255 charac-
|
|
ters.
|
|
|
|
The MD5 algorithm used by <strong>htpasswd </strong>is specific to the Apache
|
|
software; passwords encrypted using it will not be usable
|
|
with other Web servers.
|
|
|
|
Usernames are limited to 255 bytes and may not include the
|
|
character ':'.
|
|
|
|
<strong>SEE ALSO</strong>
|
|
<strong>httpd(8) </strong>and the scripts in support/SHA1 which come with the
|
|
distribution.
|
|
|
|
</pre>
|
|
<!--#include virtual="footer.html" -->
|
|
</body></html>
|