RE: [CentOS] Apache Authorization Access Control - location of, htpasswd in Centos 5.1
I don't think it's the path of htpasswd that's the problem but here it is anyway: /usr/bin/htpasswd. The problem is more likely that the directory you're trying to create the password file in with the command htpasswd -c /passwd/passwords famsite doesn't exist. Thanks Iain, OK I just created the directory /passwd/passwordsand re ran the command as root, still no luck. _ Get in touch in an instant. Get Windows Live Messenger now. http://www.windowslive.com/messenger/overview.html?ocid=TXT_TAGLM_WL_Refresh_getintouch_042008___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
I tried creating a password file by executing htpasswd -c /passwd/passwords famsite but apparently htpasswd is not in my path, I'm getting the cannot create file /passwd/passwords famsite error. Anyone know where the default location of htpasswd is on a centos 5.1 install? Or how to generate a password file on a centos 5.1 install? There's a utility called 'which' you can use to discover the location of certain apps you want to learn about. Thanks! Ok I ran /usr/bin/htpasswd -c /passwd/passwords famsite as root, and still got the cannot create file error. _ Use video conversation to talk face-to-face with Windows Live Messenger. http://www.windowslive.com/messenger/connect_your_way.html?ocid=TXT_TAGLM_WL_Refresh_messenger_video_042008___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
Pam Astor wrote on Sun, 6 Apr 2008 07:31:03 -0400: I tried creating a password file by executing htpasswd -c /passwd/passwords famsite but apparently htpasswd is not in my path, Im getting the cannot create file /passwd/passwords famsite error. That rather sounds like the path /passwd/passwords does not exist or is not writable. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
Hi Pam, just my two cents. The command 'htpasswd -c /passwd/passwords famsite' will do two things: create the password file called passwords in the /passwd directory, and add the user famsite to it. So, the directory /passwd must exist, and you did that. However, passwords is a file and you said you created that directory. This is wrong. If it existed as a file then htpasswd would recreate it (with the -c option) but I don't think it would work if passwords was a directory. Because you're doing all this as root I don't think it's a permission problem. However, as others pointed out, because the passwords file will have to be accessible by the user who runs Apache, then you will need to sort that out later. Hope this helps. Also, if you type just htpasswd with nothing else you should have a nice help. Giulio Pam Astor wrote: Hi, I’m trying to set up a private family web site for genealogy, and want to set up Apache Authorization access control for this site, and once the user has logged in has access to the entire site. I’ve been reading the info at _http://httpd.apache.org/docs/2.2/howto/auth.html_ to learn how to do this. I’m just planning on passing out the same username and password to all family members and allow everyone in the family to use the same username and password, to keep things simple. The server is running Centos 5.1. The first problem I am running into – I’m trying to use the |_htpasswd_ http://httpd.apache.org/docs/2.2/programs/htpasswd.html| utility that came with Apache 2.2 to create a password file. The default location according to above URL is in |/usr/local/apache2/bin/htpasswd| but apparently it’s not located there in my install. |I tried creating a password file by executing htpasswd -c /passwd/passwords famsite but apparently ||_htpasswd_ http://httpd.apache.org/docs/2.2/programs/htpasswd.html is not in my path, I’m getting the “cannot create file /passwd/passwords famsite” error.| Anyone know where the default location of htpasswd is on a centos 5.1 install? Or how to generate a password file on a centos 5.1 install? Pack up or back up–use SkyDrive to transfer files or keep extra copies. Learn how. hthttp://www.windowslive.com/skydrive/overview.html?ocid=TXT_TAGLM_WL_Refresh_skydrive_packup_042008 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
Pam Astor wrote: Hi, I’m trying to set up a private family web site for genealogy, and want to set up Apache Authorization access control for this site, and once the user has logged in has access to the entire site. I’ve been reading the info at http://httpd.apache.org/docs/2.2/howto/auth.html to learn how to do this. I’m just planning on passing out the same username and password to all family members and allow everyone in the family to use the same username and password, to keep things simple. The server is running Centos 5.1. Is there any reason not to give each user his own login:password? it starts as user friendly and it ends up as a zombie... The first problem I am running into – I’m trying to use the htpasswd utility that came with Apache 2.2 to create a password file. The default location according to above URL is in /usr/local/apache2/bin/htpasswd but apparently it’s not located there in my install. I tried creating a password file by executing htpasswd -c /passwd/passwords famsite but apparently htpasswd is not in my path, I’m getting the “cannot create file /passwd/passwords famsite” error. you can have a lot of fun under unix. try these: # cp /a/foo /b/bar ... How about creating the directory? # mkdir /passwd # cd /passwd # htpsswd -c passwords famsite that said, /passwd is a bad choice. /etc/httpd/security is better. Anyone know where the default location of htpasswd is on a centos 5.1 install? Or how to generate a password file on a centos 5.1 install? you can generate whatever file you want, as long as you stop trying to create files inside directories that don't exist. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Apache Authorization Access Control - location of, htpasswd in Centos 5.1
On Sun, 2008-04-06 at 09:54 -0400, Pam Astor wrote: Thanks Iain, OK I just created the directory /passwd/passwords and re ran the command as root, still no luck. err Hi. It sounds like you are very used to the 'Windows' way of doing things. I don't recommend creating a directory in the root filesystem for this purpose. Its a bad idea, and not even a good idea in Windows. Is there any real need to deny outsiders access to your genealogy site? You would probably get much help from outsiders (long-forgotten 2nd cousins etc) who stumble upon your site. This solution you are wanting, is not often used because of its inflexibility. I only see it used by extreme noobs, wanting to password-protect an area of their site. While family members will have their interest piqued by having access to a 'secret' site, their interest may wane at the annoyance of having to enter a user/password each time and 'disappear' once the initial novelty wears off. If you are wanting 'security through obscurity', an even quicker solution is simply to place an index.html file in your web directory /var/www/html This will stop a casual user from browsing and getting a listing of files at your site, since they will get a blank page if they go to www.yoursite.com Now add a directory (say) /familygenealogy2 and put all your genealogy web files in this directory. So for any member of your family to browse the site, they just need to point the browser to (and bookmark) www.yoursite.com/familygenealogy2 and once there. can browse any file you have placed. This will have the same security as requiring a user/password, since no-one can see the files unless they know the directory /familygenealogy2 exists. I really, really would choose this solution, rather than a single user/password. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
I tried creating a password file by executing htpasswd -c /passwd/passwords famsite but apparently htpasswd is not in my path, I’m getting the “cannot create file /passwd/passwords famsite” error. That rather sounds like the path /passwd/passwords does not exist or is not writable. Well, I just tried chomd 777 passwords and still the same problem. _ Use video conversation to talk face-to-face with Windows Live Messenger. http://www.windowslive.com/messenger/connect_your_way.html?ocid=TXT_TAGLM_WL_Refresh_messenger_video_042008___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
Pam Astor wrote: I tried creating a password file by executing htpasswd -c /passwd/passwords famsite but apparently htpasswd is not in my path, I’m getting the “cannot create file /passwd/passwords famsite” error. That rather sounds like the path /passwd/passwords does not exist or is not writable. Well, I just tried chomd 777 passwords and still the same problem. Can you show us what the result of the ls -l /passwd/passwords command is? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
I’m trying to set up a private family web site for genealogy, and want to set up Apache Authorization access control for this site, and once the user has logged in has access to the entire site. I’ve been reading the info at http://httpd.apache.org/docs/2.2/howto/auth.html to learn how to do this. I’m just planning on passing out the same username and password to all family members and allow everyone in the family to use the same username and password, to keep things simple. The server is running Centos 5.1. Is there any reason not to give each user his own login:password? it starts as user friendly and it ends up as a zombie... OK I guess that makes sense, you mean if several people are logging in as the same user the process will stay running and it's easier to hack? The first problem I am running into – I’m trying to use the htpasswd utility that came with Apache 2.2 to create a password file. The default location according to above URL is in /usr/local/apache2/bin/htpasswd but apparently it’s not located there in my install. I tried creating a password file by executing htpasswd -c /passwd/passwords famsite but apparently htpasswd is not in my path, I’m getting the “cannot create file /passwd/passwords famsite” error. On another note, with this forums help I was able to create the user and password, so at least that problem is resolved. you can have a lot of fun under unix. try these: # cp /a/foo /b/bar ...How about creating the directory? # mkdir /passwd # cd /passwd # htpsswd -c passwords famsite Yup that works, at least one problem solved thanks. that said, /passwd is a bad choice. /etc/httpd/security is better. OK will do. Question though, if both /passwd and /etc/httpd/security are both owned by apache user, then is there really a difference in security between using either /passwd or /etc/httpd/security ? As long as my permissions are properly set? _ Pack up or back up–use SkyDrive to transfer files or keep extra copies. Learn how. hthttp://www.windowslive.com/skydrive/overview.html?ocid=TXT_TAGLM_WL_Refresh_skydrive_packup_042008___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Apache Authorization Access Control - location of, htpasswd in Centos 5.1
It sounds like you are very used to the 'Windows' way of doing things. I don't recommend creating a directory in the root filesystem for this purpose. Its a bad idea, and not even a good idea in Windows. Is there any real need to deny outsiders access to your genealogy site? You would probably get much help from outsiders (long-forgotten 2nd cousins etc) who stumble upon your site. Yes you are probabally right, just curious though about using apache access control for a site, never did it before, maybe at some point I'll have a use for it. Question though, if my permissions are set properly, to maybe 555 or 644 and the directories are owned by apache, then does it really matter where the directory is? Or is it much easier to hack if it's in the root file system? If so, why is it easier to hack? This solution you are wanting, is not often used because of its inflexibility. I only see it used by extreme noobs, wanting to password-protect an area of their site. While family members will have their interest piqued by having access to a 'secret' site, their interest may wane at the annoyance of having to enter a user/password each time and 'disappear' once the initial novelty wears off. You are prob. correct there. I guess the only reason why I thought a password protected site would be a good idea, is because I am using phpgedview, and names are viewable and anyone can edit it who has a phpgedview account. I figured that people still living who want to add their personal infomration to the family tree might be less likely to do so if they think their names and personal info are publically view able. If you are wanting 'security through obscurity', an even quicker solution is simply to place an index.html file in your web directory /var/www/html This will stop a casual user from browsing and getting a listing of files at your site, since they will get a blank page if they go to www.yoursite.com Now add a directory (say) /familygenealogy2 and put all your genealogy web files in this directory. So for any member of your family to browse the site, they just need to point the browser to (and bookmark) www.yoursite.com/familygenealogy2 and once there. can browse any file you have placed. This will have the same security as requiring a user/password, since no-one can see the files unless they know the directory /familygenealogy2 exists. I really, really would choose this solution, rather than a single user/password. Your secirity through obscurity idea is a good one for static pages, but my hope is that other distant family members will want to add their info and that maybe they would be hesitant to do so if they think others on the net can see it. I have a robots.txt User-Agent: *Disallow: / file, but don't some search engines still ignore them? Anyway maybe I am just overly concerned about this privacy thing. _ Get in touch in an instant. Get Windows Live Messenger now. http://www.windowslive.com/messenger/overview.html?ocid=TXT_TAGLM_WL_Refresh_getintouch_042008___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
I tried creating a password file by executing htpasswd -c /passwd/passwordsfamsite but apparently htpasswd is not in my path, I’m getting the“cannot create file /passwd/passwords famsite” error. That rather sounds like the path /passwd/passwords does not exist or is not writable. Well, I just tried chomd 777 passwords and still the same problem. Can you show us what the result of the ls -l /passwd/passwords command is? Thanks for asking there, actually the problem has been solved, I deleted the passwords dir and chmoded 777 the passwd dir and the unsername and password were created by htpasswd. _ Pack up or back up–use SkyDrive to transfer files or keep extra copies. Learn how. hthttp://www.windowslive.com/skydrive/overview.html?ocid=TXT_TAGLM_WL_Refresh_skydrive_packup_042008___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
Can you show us what the result of the ls -l /passwd/passwords command is? Thanks for asking there, actually the problem has been solved, I deleted the passwords dir and chmoded 777 the passwd dir and the unsername and password were created by htpasswd. Not is, ls (ell ess) one of most commonly used Unix commands. But as you say, never mind. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache Authorization Access Control - location of htpasswd in Centos 5.1?
On Sun, Apr 06, 2008 at 09:59:19PM -0400, Pam Astor alleged: I tried creating a password file by executing htpasswd -c /passwd/passwordsfamsite but apparently htpasswd is not in my path, I’m getting the“cannot create file /passwd/passwords famsite” error. That rather sounds like the path /passwd/passwords does not exist or is not writable. Well, I just tried chomd 777 passwords and still the same problem. Can you show us what the result of the ls -l /passwd/passwords command is? Thanks for asking there, actually the problem has been solved, I deleted the passwords dir and chmoded 777 the passwd dir and the unsername and password were created by htpasswd. No, 777 is always incorrect for regular files and directories. You won't find a single example of a 777 file or directory anywhere on your machine. -- Garrick Staples, GNU/Linux HPCC SysAdmin University of Southern California Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html pgp2suOHxKjsT.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos