From owner-freebsd-security Tue Jul 16 2:27:55 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2056B37B400 for ; Tue, 16 Jul 2002 02:27:52 -0700 (PDT) Received: from addr-mx01.addr.com (addr-mx01.addr.com [209.249.147.145]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9714E43E64 for ; Tue, 16 Jul 2002 02:27:51 -0700 (PDT) (envelope-from torvalds@addr.com) Received: from proxy1.addr.com (proxy1.addr.com [209.249.147.28]) by addr-mx01.addr.com (8.12.2/8.12.2) with ESMTP id g6G9Ro2v070745; Tue, 16 Jul 2002 02:27:50 -0700 (PDT) Received: from TS22 ([202.71.153.170]) by proxy1.addr.com (8.11.6/8.9.1) with ESMTP id g6G9Rmg21646; Tue, 16 Jul 2002 02:27:48 -0700 (PDT) (envelope-from torvalds@addr.com)(envelope-to ) Message-ID: <010501c22caa$f3855820$9600a8c0@blraddrcom> From: "Naga Suresh B" To: "Chris BeHanna" Cc: References: <20020715002931.O58350-100000@topperwein.dyndns.org> Subject: Re: plain text password Date: Tue, 16 Jul 2002 14:57:03 +0530 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Scanned-By: MIMEDefang 2.15 (www dot roaringpenguin dot com slash mimedefang) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hai, The solution which u had given is very nice.But it is not putting properly in the htpasswd file we made a small change to u r script. After making that change it started working fine. Thanks for u r help. I am giving the altered script below:- cat /etc/master.passwd | awk -F":" '{ printf("%s:%s\n", $1, $2) }' > /usr/local/www/site/phpMyadmin/httpd_access ----- Original Message ----- From: "Chris BeHanna" To: "Naga Suresh B" Sent: Monday, July 15, 2002 10:03 AM Subject: Re: plain text password > On Mon, 15 Jul 2002, Naga Suresh B wrote: > > > I want to create users with plain text password I want to make use of > > /etc/passwd file to be accessed through apache. > > This is very dangerous. Plain-text passwords in general are a > very bad idea. > > Note that Apache supports both DES (older crypt()-style) and MD5 > password hashes in the htpasswd program. > > > I want to globalise the passwd facility in our company. If I create > > a user and passwd on the server he must be able to access the > > intranet, server with the same password, Please give me if any > > solution is there for this, I know how to do that on Linux is there > > anything like that on FreeBSD Please give me solution. solution as > > early as possible. > > To do what you want to do, I'd suggest something like this: > > cat /etc/master.passwd | awk -F":" '{ printf("%s:%s", $1, $2) }' > /usr/local/etc/apache/htpasswd > > Run it out of cron every so often, or put together a passwd change > script that users should use that will automatically run the above > command every time the user changes his or her password. > > Presto: now you have unified passwords WITHOUT the folly of using > plaintext passwords. > > -- > Chris BeHanna > Software Engineer (Remove "bogus" before responding.) > behanna@bogus.zbzoom.net > Turning coffee into software since 1990. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message