From owner-freebsd-questions@FreeBSD.ORG Mon Jul 7 12:18:50 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A6CAF106564A for ; Mon, 7 Jul 2008 12:18:50 +0000 (UTC) (envelope-from jos@webrz.net) Received: from webrz.xs4all.nl (webrz.xs4all.nl [82.95.248.216]) by mx1.freebsd.org (Postfix) with ESMTP id 2B4168FC25 for ; Mon, 7 Jul 2008 12:18:49 +0000 (UTC) (envelope-from jos@webrz.net) Received: from webrz.xs4all.nl (localhost.webrz.net [127.0.0.1]) by webrz.xs4all.nl (Postfix) with ESMTP id A5BBCFD061 for ; Mon, 7 Jul 2008 14:19:10 +0200 (CEST) Received: from ATLANTIS (atlantis.webrz.net [10.10.10.27]) by webrz.xs4all.nl (Postfix) with ESMTP id 7FA7EFD05E for ; Mon, 7 Jul 2008 14:19:10 +0200 (CEST) From: "Jos Chrispijn" To: Date: Mon, 7 Jul 2008 14:18:49 +0200 Organization: Koudekerke (NL) Message-ID: <001201c8e02b$9c6e9ed0$d54bdc70$@net> MIME-Version: 1.0 X-Priority: 1 (Highest) X-MSMail-Priority: High X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcjgK5w1InyX+2nUTC6H0d5T8m5IOg== Content-Language: nl Importance: High X-AV-Checked: ClamAV using ClamSMTP @ prometheus.webrz.net Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: .htaccess or OS related? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2008 12:18:50 -0000 I ran into a problem last night that I was able to solve, but generated a question: I have this hosting provider (uses Debian OS) on which I can't use htpasswd to generate user and password to protect a single file. To have this done I solved it as follows: did a htpasswd on my own server (FreeBSD 7) and simply copied the file with the user:password (scrambled) to my home directory I have with this hosting provider and referred in the .htaccess to it. And now comes the fun stuff: it worked without probs. So the algorithm that is used on FreeBSD to scramble a user password is the same as it is used by Debian? Isn't that a security gap? Jos