diff options
Diffstat (limited to 'APACHE_1_3_42/src/support/htpasswd.1')
-rw-r--r-- | APACHE_1_3_42/src/support/htpasswd.1 | 223 |
1 files changed, 223 insertions, 0 deletions
diff --git a/APACHE_1_3_42/src/support/htpasswd.1 b/APACHE_1_3_42/src/support/htpasswd.1 new file mode 100644 index 0000000000..1df8c36f43 --- /dev/null +++ b/APACHE_1_3_42/src/support/htpasswd.1 @@ -0,0 +1,223 @@ +.TH htpasswd 1 "February 2004" +.\" Licensed to the Apache Software Foundation (ASF) under one or more +.\" contributor license agreements. See the NOTICE file distributed with +.\" this work for additional information regarding copyright ownership. +.\" The ASF licenses this file to You under the Apache License, Version 2.0 +.\" (the "License"); you may not use this file except in compliance with +.\" the License. You may obtain a copy of the License at +.\" +.\" http://www.apache.org/licenses/LICENSE-2.0 +.\" +.\" Unless required by applicable law or agreed to in writing, software +.\" distributed under the License is distributed on an "AS IS" BASIS, +.\" WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +.\" See the License for the specific language governing permissions and +.\" limitations under the License. +.\" +.SH NAME +htpasswd \- Create and update user authentication files +.SH SYNOPSIS +.B htpasswd +[ +.B \-c +] +[ +.B \-m +| +.B \-d +| +.B \-s +| +.B \-p +] +.I passwdfile +.I username +.br +.B htpasswd +.B \-b +[ +.B \-c +] +[ +.B \-m +| +.B \-d +| +.B \-s +| +.B \-p +] +.I passwdfile +.I username +.I password +.br +.B htpasswd +.B \-n +[ +.B \-m +| +.B \-d +| +.B \-s +| +.B \-p +] +.I username +.br +.B htpasswd +.B \-nb +[ +.B \-m +| +.B \-d +| +.B \-s +| +.B \-p +] +.I username +.I password +.SH DESCRIPTION +.B htpasswd +is used to create and update the flat-files used to store +usernames and password for basic authentication of HTTP users. +If +.B htpasswd +cannot access a file, such as not being able to write to the output +file or not being able to read the file in order to update it, +it returns an error status and makes no changes. +.PP +Resources available from the +.B httpd +Apache web server can be restricted to just the users listed +in the files created by +.B htpasswd. +This program can only manage usernames and passwords +stored in a flat-file. It can encrypt and display password information +for use in other types of data stores, though. To use a +DBM database see +\fBdbmmanage\fP. +.PP +.B htpasswd +encrypts passwords using either a version of MD5 modified for Apache, +or the system's \fIcrypt()\fP routine. Files managed by +.B htpasswd +may contain both types of passwords; some user records may have +MD5-encrypted passwords while others in the same file may have passwords +encrypted with \fIcrypt()\fP. +.PP +This manual page only lists the command line arguments. For details of +the directives necessary to configure user authentication in +.B httpd +see +the Apache manual, which is part of the Apache distribution or can be +found at <URL:http://httpd.apache.org/>. +.SH OPTIONS +.IP \-b +Use batch mode; \fIi.e.\fP, get the password from the command line +rather than prompting for it. \fBThis option should be used with +extreme care, since the password is clearly visible on the command +line.\fP +.IP \-c +Create the \fIpasswdfile\fP. If \fIpasswdfile\fP already exists, it +is rewritten and truncated. This option cannot be combined with +the \fB-n\fP option. +.IP \-n +Display the results on standard output rather than updating a file. +This is useful for generating password records acceptable to Apache +for inclusion in non-text data stores. This option changes the +syntax of the command line, since the \fIpasswdfile\fP argument +(usually the first one) is omitted. It cannot be combined with +the \fB-c\fP option. +.IP \-m +Use Apache's modified MD5 algorithm for passwords. Passwords encrypted +with this algorithm are transportable to any platform (Windows, Unix, +BeOS, et cetera) running Apache 1.3.9 or later. On Windows and TPF, +this flag is the default. +.IP \-d +Use crypt() encryption for passwords. The default on all platforms but +Windows and TPF. Though possibly supported by +.B htpasswd +on all platforms, it is not supported by the +.B httpd +server on Windows and TPF. +.IP \-s +Use SHA encryption for passwords. Faciliates migration from/to Netscape +servers using the LDAP Directory Interchange Format (ldif). +.IP \-p +Use plaintext passwords. Though +.B htpasswd +will support creation on all platforms, the +.B httpd +deamon will only accept plain text passwords on Windows and TPF. +.IP \fB\fIpasswdfile\fP +Name of the file to contain the user name and password. If \-c +is given, this file is created if it does not already exist, +or rewritten and truncated if it does exist. +.IP \fB\fIusername\fP +The username to create or update in \fBpasswdfile\fP. If +\fIusername\fP does not exist in this file, an entry is added. If it +does exist, the password is changed. +.IP \fB\fIpassword\fP +The plaintext password to be encrypted and stored in the file. Only used +with the \fI-b\fP flag. +.SH EXIT STATUS +.B htpasswd +returns a zero status ("true") if the username and password have +been successfully added or updated in the \fIpasswdfile\fP. +.B htpasswd +returns 1 if it encounters some problem accessing files, 2 if there +was a syntax problem with the command line, 3 if the password was +entered interactively and the verification entry didn't match, 4 if +its operation was interrupted, 5 if a value is too long (username, +filename, password, or final computed record), and 6 if the username +contains illegal characters (see the \fBRESTRICTIONS\fP section). +.SH EXAMPLES +\fBhtpasswd /usr/local/etc/apache/.htpasswd-users jsmith\fP +.IP +Adds or modifies the password for user \fIjsmith\fP. +The user is prompted for the password. If executed +on a Windows system, the password will be encrypted using the +modified Apache MD5 algorithm; otherwise, the system's +\fIcrypt()\fP routine will be used. If the file does not +exist, +.B htpasswd +will do nothing except return an error. +.LP +\fBhtpasswd -c /home/doe/public_html/.htpasswd jane\fP +.IP +Creates a new file and stores a record in it for user \fIjane\fP. +The user is prompted for the password. +If the file exists and cannot be read, or cannot be written, +it is not altered and +.B htpasswd +will display a message and return an error status. +.LP +\fBhtpasswd -mb /usr/web/.htpasswd-all jones Pwd4Steve\fP +.IP +Encrypts the password from the command line (\fIPwd4Steve\fP) using +the MD5 algorithm, and stores it in the specified file. +.LP +.SH SECURITY CONSIDERATIONS +Web password files such as those managed by +.B htpasswd +should \fBnot\fP be within the Web server's URI space -- that is, +they should not be fetchable with a browser. +.PP +The use of the \fI-b\fP option is discouraged, since when it is +used the unencrypted password appears on the command line. +.SH RESTRICTIONS +On the Windows and MPE platforms, passwords encrypted with +.B htpasswd +are limited to no more than 255 characters in length. Longer +passwords will be truncated to 255 characters. +.PP +The MD5 algorithm used by +.B htpasswd +is specific to the Apache software; passwords encrypted using it will not be +usable with other Web servers. +.PP +Usernames are limited to 255 bytes and may not include the character ':'. +.SH SEE ALSO +.BR httpd(8) +and the scripts in support/SHA1 which come with the distribution. |