From: Bill Moran
To: "Jos Chrispijn"
Cc: questions@freebsd.org
Date: Mon, 7 Jul 2008 08:46:47 -0400
Subject: Re: .htaccess or OS related?
Message-Id: <20080707084647.9a426e86.wmoran@potentialtech.com>
In-Reply-To: <002301c8e02d$7f4fde70$7def9b50$@net>

In response to "Jos Chrispijn":

> Bill,
>
> > -----Original Message-----

Keep the list in the loop on replies.

> > The algorithm is part of Apache and has little or nothing to do with
> > the OS on which it runs.
>
> I see, so .htpasswd is an Apache utility then; didn't know that.
>
> > And the encryption used to store passwords in .htaccess files is known
> > to be weak. If you need something strong, look to one of the other mod_*
> > security packages instead of .htaccess passwords.
>
> What other mod_* security package would you recommend?

I won't _recommend_ anything. However, I will point out that there's a
mod_ldap, mod_auth_kerb, and mod_auth_pam. There are probably others
that I'm forgetting.

-- 
Bill Moran
http://www.potentialtech.com
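An added example, not part of the original message or of Apache itself: a small audit that reads an htpasswd-style file and reports which entries use a weak stored-password format. It goes beyond the thread by recognising the formats htpasswd can write; the ratings, function names and sample entries are assumptions constructed for this example.

```python
import re

# Constructed sample file content; users and hash values are made up for illustration.
SAMPLE = """\
alice:$apr1$Zx8kQ1rT$0m1Xv6oQ3pJ9f2LwYb7uH/
bob:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
carol:rqXexS6ZhobKA
dave:$2y$10$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234
# comment line
erin:hunter2
"""

# (pattern, scheme, rating), checked in order. Ratings are this example's own labels.
SCHEMES = [
    (re.compile(r"^\$2[aby]\$"), "bcrypt", "ok"),
    (re.compile(r"^\$[56]\$"), "sha2-crypt", "ok"),
    (re.compile(r"^\$apr1\$"), "apr1-md5", "legacy"),        # salted, iterated MD5
    (re.compile(r"^\{SHA\}"), "unsalted-sha1", "weak"),      # no salt, single round
    (re.compile(r"^[./0-9A-Za-z]{13}$"), "des-crypt", "weak"),  # 8-char limit, 2-char salt
]

def classify(hash_field):
    """Return (scheme, rating) for the part of an entry after 'user:'."""
    for pattern, scheme, rating in SCHEMES:
        if pattern.search(hash_field):
            return scheme, rating
    # Anything else may be a plaintext password or a damaged entry.
    return "unrecognised", "weak"

def audit(text):
    """Yield (line number, user, scheme, rating) for every entry in the file text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        user, hash_field = line.split(":", 1)
        findings.append((lineno, user) + classify(hash_field))
    return findings

def needs_rehash(text):
    """Users whose stored format should be replaced with a stronger one."""
    return [user for _, user, _, rating in audit(text) if rating != "ok"]

if __name__ == "__main__":
    for lineno, user, scheme, rating in audit(SAMPLE):
        print(f"line {lineno}: {user:<6} {scheme:<14} {rating}")
```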