Q. How do I use htpasswd command to store username and passwords?
A. htpasswd is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users. If htpasswd cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes.
Create a new password file
Following command will creates a new file and stores a record in it for user jerry. The user is prompted for the password. If the file exists and cannot be read, or cannot be written, it is not altered and htpasswd will display a message and return an error status.
# htpasswd -c /home/pwww/.htpasswd jerry
Change or update password
To add or modifies the password for user tom, enter:
# htpasswd /home/pwww/.htpasswd-users tom
The user is prompted for the password.
See previous FAQ : Apache password protect directories with .htaccess file for more examples.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -
{ 4 comments… read them below or add one }
FYI, I just had an issue where htpasswd’s folder wasn’t in the path. Instead it was in
/usr/local/apache/bin/
So I just added an alias to .bashrc:
alias htpasswd=”/usr/local/apache/bin/htpasswd”
CAUTION: If you use the -c parameter to add a new user, it will start the whole .htpaswd file from scratch, wiping any previous users/passwords.
To add more users to an existing .htpasswd file, be sure to leave out the -c.
Just a heads up, as I don’t think this was defined clearly enough in the article, and caused me about 5 minutes of ‘fun’ just before :P
Thanks Vivek Gite for the info
Thanks Max Johnson for the additional clarity as I may have ended up having a hell of a job trying to find out what was in the original file :)
Cheers
Dal
Hello-
Before I spend hours trying to figure this out, can someone tell me if it’s possible to read a plain text file consisting of usernames & passwords, encrypt the passwords, and the write the usernames & “encrypted passwords” to a .htpassword file all from within a shellscript that can be run from a daily cronjob?
Any help, advice, suggestions are greatly appreciated…
Thanks, Rick