
I am working on making a homemade NAS and was implementing a download share feature using Lighttpd. I know how to use Apache, but since I was hosting the webserver on a small Raspberry Pi, I felt Lighttpd would just be "lighter".

I have a directory restricted to be only accessible by mod_auth's valid users. I somewhat know how to use the mod_auth feature: plaintext, hex digest, but I don't seem to find any info about verifying a salted + hashed password against the received password from the user. The mod_auth module has a backend mode called htpasswd, but this only hashes the password using MD5 WITHOUT any salt.

Is Bcrypt or any other salt-implementing hashing provided by Lighttpd's mod_auth module? If not, does this mean I would have to implement my own user database system + password verification? Or maybe should I just use MD5 and implement my own random salt before hashing it? (I assume this is not a recommended solution.)

D_Pain
  • Have you read the doc on lighttpd website? https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModAuth – gstrauss Jun 11 '17 at 00:24
  • @gstrauss Yes, it has plain, htpasswd, hexdigest, ldap, gssapi, mysql, and more. plain and hexdigest are clearly not options. htpasswd seems to only use MD5 (at least in the docs). I don't think ldap and gssapi are an option for me. Maybe I could use mysql since I think mysql has a hash function with a random hash. Unfortunately this means I also need to have a mysql database running on my raspberry pi, which is already not that powerful of a device. (I don't have good cooling to prevent it from throttling from the overclock.) – D_Pain Jun 11 '17 at 02:25
  • Similar to Apache, lighttpd supports SHA1 in the htpasswd file. However, if you do not want to store actual passwords on your RPi, then you should be using HTTP Digest authentication (not hexdigest) instead of HTTP Basic authentication. lighttpd supports HTTP Digest authentication. HTTP Digest authentication never sends the user password over the connection. If you are using TLS (https), then the user password is not sent clear-text on the network even if HTTP Basic auth is used, but the password is stored on the server in the clear, so HTTP Digest is preferred. – gstrauss Jun 12 '17 at 03:12
  • Depending on what you are actually trying to provide, you might look at lighttpd mod_secdownload, which can generate a unique key that can be used to download a file (after you script some other authn/authz to provide an access key) https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModSecDownload – gstrauss Jun 12 '17 at 03:17
  • @gstrauss That's interesting! Thanks for the advice :) – D_Pain Jun 13 '17 at 04:23
  • @gstrauss: the digest authentication just uses an MD5 digest and a salt, making it not really better than basic plain password transfer. A complete no-go. As far as I can tell, lighttpd does not provide a secure way to use passwords, since `plain` and `htdigest` (the above) are the only supported backends for `method="digest"`. – Evi1M4chine Sep 09 '17 at 06:36
  • @Evi1M4chine: lighttpd supports other auth mechanisms, including GSSAPI (kerberos). See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModAuth – gstrauss Sep 09 '17 at 23:54
  • @gstrauss: Yes, but they all only use `method="basic"`, which is not secure since it transfers everything in the clear. And if I’m not wrong, all those that themselves add an extra layer of security (like Kerberos and LDAP I think), do that by adding a special protocol, that a normal browser does not support. While browsers definitely support bcrypt/hddigest, no? – Evi1M4chine Sep 11 '17 at 20:57
  • Using method="basic" over an https (SSL/TLS) connection is one solution that is acceptable to some. Similarly, method="digest" with a weak hash, but over SSL/TLS is acceptable to some. It is true that to avoid passing the password in clear to the server, a digest is better than clear-text, and a strong digest is better than a weak one when you know that the server side has less-trusted intermediate servers which you want to be able to validate the password without having (easier) access to the actual password. – gstrauss Sep 13 '17 at 05:59
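As an added example (not from the question, the commenters, or lighttpd's own code), here is a Python model of what lighttpd's `htdigest` backend stores and how the HTTP Digest exchange discussed in the comments is checked against it; the realm, user, password and nonce values are constructed, and the lighttpd config keys in the top comment are taken from the mod_auth docs linked above.

```python
# Added example: how lighttpd's "htdigest" backend stores credentials and how
# an HTTP Digest (RFC 2617, MD5, qop=auth) response is checked against them.
# Matching lighttpd config (keys from the mod_auth docs linked above):
#   auth.backend = "htdigest"
#   auth.backend.htdigest.userfile = "/etc/lighttpd/.htdigest"
#   auth.require = ( "/downloads/" => ( "method" => "digest",
#                    "realm" => "NAS downloads", "require" => "valid-user" ) )
import hashlib
import hmac

def md5hex(s: str) -> str:
    return hashlib.md5(s.encode("utf-8")).hexdigest()

def htdigest_line(user: str, realm: str, password: str) -> str:
    """One userfile line: user:realm:HA1 with HA1 = MD5(user:realm:password).
    There is no random salt: user and realm are the only inputs besides the
    password, so a leaked file can be dictionary-attacked offline at MD5 speed."""
    return f"{user}:{realm}:{md5hex(f'{user}:{realm}:{password}')}"

def load_htdigest(text: str) -> dict:
    users = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            user, realm, ha1 = line.split(":", 2)
            users[(user, realm)] = ha1
    return users

def client_response(user, realm, password, nonce, cnonce, nc, method, uri):
    """What the browser sends back: the password itself never leaves the client."""
    ha1 = md5hex(f"{user}:{realm}:{password}")
    ha2 = md5hex(f"{method}:{uri}")
    return md5hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")

def server_verify(users, user, realm, nonce, cnonce, nc, method, uri, response):
    """The server needs only the stored HA1, never the clear-text password."""
    ha1 = users.get((user, realm))
    if ha1 is None:
        return False
    ha2 = md5hex(f"{method}:{uri}")
    expected = md5hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")
    return hmac.compare_digest(expected, response)  # constant-time compare

def demo(password: str) -> bool:
    """Constructed round trip: a one-entry userfile and one GET on /downloads/."""
    realm, user = "NAS downloads", "alice"
    nonce, cnonce, nc = "0123456789abcdef", "fedcba9876543210", "00000001"
    users = load_htdigest(htdigest_line(user, realm, "correct-password"))
    resp = client_response(user, realm, password, nonce, cnonce, nc, "GET", "/downloads/")
    return server_verify(users, user, realm, nonce, cnonce, nc, "GET", "/downloads/", resp)
```

Running `demo("correct-password")` returns `True` and `demo("wrong-password")` returns `False`; note that the userfile only ever holds HA1, which is why the comment above about MD5 strength applies to the stored file rather than to what crosses the wire.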

0 Answers