- Nederlands
- English
The default instructions to have basic http authentication failed on Ubuntu 12.04 Precise Pangolin. The reason seems to be that the htpasswd tool produces MD5 hashes by default, while the default apache2 installation on Ubuntu 12.04 expects SHA1 hashes. The symptoms are that login attempts always result in password mismatch:
[Fri Aug 17 13:45:52 2012] [error] [client 127.0.0.1] user admin: authentication failure for "/": Password Mismatch, referer: http://localhost/login/
To fix this use the -s option with htpasswd:
htpasswd -s /path/to/htpasswd/file username
For completeness, you need to define your Directory or LocationMatch in the site configuration to be like this:
<LocationMatch /[^/]+/login>
AuthType Basic
AuthName "Trac login"
AuthUserFile /var/trac/.passwd
Require valid-user
</LocationMatch>
The command to create the initial user would be:
htpasswd -s -c /var/trac/.passwd admin
Don't forget to make sure only the user www-data (or the user running apache if you don't use the Debian/Ubuntu default) can read the password file:
sudo chown www-data /var/trac/.passwd
sudo chmod 600 /var/trac/.passwd
And to add additional users or change password later on:
htpasswd -s /var/trac/.passwd johnsmith
Reactie toevoegen