Date: Sun, 28 Nov 1999 20:42:45 -0800 (PST) From: Tom <tom@sdf.com> To: "J.C. Frazier" <wolfman@csocs.com> Cc: freebsd-isp@freebsd.org Subject: Re: apache13-fp-modssl problem with passwords Message-ID: <Pine.BSF.4.05.9911282040030.2406-100000@misery.sdf.com> In-Reply-To: <384218E4.12795CCC@csocs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 28 Nov 1999, J.C. Frazier wrote: > Tom wrote: > > > On Sun, 28 Nov 1999, J.C. Frazier wrote: > > ... > > > Anytime a user tries to publish a page from the client, or perform > > > anyother operation as an author/administrator, there is a password > > > mismatch. I have checked the passwords and they are correct. md5 and > > > des are installed on the box, md5 being the default. I believe that > > ... > > > "FreeBSD 'should' support both once you have the secure package > > ... > > > Taken from /var/log/httpd-error.log: > > > [Sat Nov 27 20:28:01 1999] [error] user fpadmin: authentication failure > > > for "/_vti_bin/_vti_aut/author.exe": password mismatch > > > > Do a "file" on author.exe. If it is statically linked, it was probably > > linked against someother crypt(). > > > > FreeBSD's libcrypt has a crypt() function that can understand both DES > > and MD5. Howerver, it encrypts using the mentod specified by the symlink. > > > > Tom > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > bash-2.03# file author.exe > author.exe: BSD/OS i386 compact demand paged executable Statically link (since it doesn't say dynamic, it has to be static), and it is a BSD/OS executable, and I doubt that the crypt() function on BSD/OS knows anything about MD5 passwords. > I also checked the service.pwd files and it is encrypting it in DES: > bash-2.03# john /usr2/www/user/_vti_pvt/service.pwd > Loaded 1 password (Standard DES [24/32 4K]) > correctpassword (user) <--- (real pass and username left out of > this e-mail) > > Just not sure about the process of decryption on frontpage or how the > passwords are matched... Try a DES password in master.passwd. If frontpage works with that, then you must either use DES passwords for everyone who wants to use frontpage, or get RTR Software to make a FreeBSD build of the frontpage executables. > J.C. Frazier Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9911282040030.2406-100000>