[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: htpasswd



Thanks Simon!

Simon Morgan wrote:
On 25/12/05, Rico <coolzone_(_at_)_it_(_dot_)_dk> wrote:

I am managing some sites which has some parts password protected by a
simple .htaccess file.

On obsd 3.7 I have always used the "htpasswd" tool to generate the
password files.

Today I had to update a site, and I used htpasswd on obsd 3.8, but I am
having some problems with that.

When I compare a file generated on 3.7 with one generated on 3.8 there
is a difference.

For the test I have used:

Username: test
Password: test2006

In 3.7 the result is:
test:LNjeMUyoDbkjs

In 3.8 the result is:
test:$2a$06$BP.dFVlnGwb2kE28/M2QtOzXg06fPfy8nFE7x5rNPXSDC7b2RPd2y

On both I did:
htpasswd -c .passwd test

I have looked in the man page and I can't find any changes from 3.7 to
3.8. I have also looked on the "changes" page for 3.8.

Is it me overlooking anything?


http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/httpd/src/support/htpasswd.c

"support blowfish encryption in the password files and use it by default
From: Sergey Smitienko <hunter_(_at_)_comsys_(_dot_)_com_(_dot_)_ua>, markus ok"


.