Q. How do I use htpasswd command to store username and passwords?
A. htpasswd is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users. If htpasswd cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes.
Create a new password file
Following command will creates a new file and stores a record in it for user jerry. The user is prompted for the password. If the file exists and cannot be read, or cannot be written, it is not altered and htpasswd will display a message and return an error status.
# htpasswd -c /home/pwww/.htpasswd jerry
Change or update password
To add or modifies the password for user tom, enter:
# htpasswd /home/pwww/.htpasswd-users tom
The user is prompted for the password.
See previous FAQ : Apache password protect directories with .htaccess file for more examples.
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 6 comments… read them below or add one }
FYI, I just had an issue where htpasswd’s folder wasn’t in the path. Instead it was in
/usr/local/apache/bin/
So I just added an alias to .bashrc:
alias htpasswd=”/usr/local/apache/bin/htpasswd”
CAUTION: If you use the -c parameter to add a new user, it will start the whole .htpaswd file from scratch, wiping any previous users/passwords.
To add more users to an existing .htpasswd file, be sure to leave out the -c.
Just a heads up, as I don’t think this was defined clearly enough in the article, and caused me about 5 minutes of ‘fun’ just before :P
Thanks Vivek Gite for the info
Thanks Max Johnson for the additional clarity as I may have ended up having a hell of a job trying to find out what was in the original file :)
Cheers
Dal
Hello-
Before I spend hours trying to figure this out, can someone tell me if it’s possible to read a plain text file consisting of usernames & passwords, encrypt the passwords, and the write the usernames & “encrypted passwords” to a .htpassword file all from within a shellscript that can be run from a daily cronjob?
Any help, advice, suggestions are greatly appreciated…
Thanks, Rick
@Rick (a very late reply): that sounds totally doable.
Write a bash script that that parses the plain text file and per line executes a certain variation of the htpasswd command.
Thanks for this. Helped me out in restricting access to a development site.