Date: Tue, 16 Jul 2002 14:57:03 +0530 From: "Naga Suresh B" <torvalds@addr.com> To: "Chris BeHanna" <behanna@zbzoom.net> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: plain text password Message-ID: <010501c22caa$f3855820$9600a8c0@blraddrcom> References: <20020715002931.O58350-100000@topperwein.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hai,
The solution which u had given is very nice.But it is not putting
properly in the htpasswd file we made a small change to u r script. After
making that change it started working fine. Thanks for u r help.
I am giving the altered script below:-
cat /etc/master.passwd | awk -F":" '{ printf("%s:%s\n", $1, $2) }' >
/usr/local/www/site/phpMyadmin/httpd_access
----- Original Message -----
From: "Chris BeHanna" <behanna@zbzoom.net>
To: "Naga Suresh B" <torvalds@addr.com>
Sent: Monday, July 15, 2002 10:03 AM
Subject: Re: plain text password
> On Mon, 15 Jul 2002, Naga Suresh B wrote:
>
> > I want to create users with plain text password I want to make use of
> > /etc/passwd file to be accessed through apache.
>
> This is very dangerous. Plain-text passwords in general are a
> very bad idea.
>
> Note that Apache supports both DES (older crypt()-style) and MD5
> password hashes in the htpasswd program.
>
> > I want to globalise the passwd facility in our company. If I create
> > a user and passwd on the server he must be able to access the
> > intranet, server with the same password, Please give me if any
> > solution is there for this, I know how to do that on Linux is there
> > anything like that on FreeBSD Please give me solution. solution as
> > early as possible.
>
> To do what you want to do, I'd suggest something like this:
>
> cat /etc/master.passwd | awk -F":" '{ printf("%s:%s", $1, $2) }' >
/usr/local/etc/apache/htpasswd
>
> Run it out of cron every so often, or put together a passwd change
> script that users should use that will automatically run the above
> command every time the user changes his or her password.
>
> Presto: now you have unified passwords WITHOUT the folly of using
> plaintext passwords.
>
> --
> Chris BeHanna
> Software Engineer (Remove "bogus" before responding.)
> behanna@bogus.zbzoom.net
> Turning coffee into software since 1990.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?010501c22caa$f3855820$9600a8c0>