1

I was trying to setup svn on a machine running Linux Fedora 18. I created and added new users by using htpasswd. So basically what I did was:

$ htpasswd -c passwd admin.

where passwd is the file containing the username/password pairs. By default, htpasswd is supposed to use md5 to encrypt passwords. So, later when I tried to login, I couldn't, even though I supplied correct username and password. After trying different things, I went to some online md5 generator, typed in the same password. The resulting string was different from the one generated by htpasswd. I manually edited passwd file, put in the md5 password I got from the website and successfully logged in. Is there something wrong with htpasswd or there are some system setting which need to be fixed?

Russell'sTeapot
  • 373
  • 2
  • 11
  • 21

1 Answers1

2

The syntax is

htpasswd -c passwdfile username

or

htpasswd -cb passwdfile username yourpassword

The default hash algorithm is MD5 since version 2.2.18 of apache (you can identify it by the $apr1$ prefix). Before that, the default hash was unix crypt, (without a prefix). If your apache version is <2.2.18, you'd better force md5 with

htpasswd -cm passwdfile username
htpasswd -cbm passwdfile username yourpassword

Maybe after that you should check your passwdfile is correctly created (do you havec permissions etc).

When you generate an MD5 hash, with online tools or with the htpasswd command-line, it's different each time because it uses a random salt.

fpirsch
  • 100
  • 4