You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Jeff Trawick <tr...@gmail.com> on 2006/04/12 13:11:06 UTC

migration concerns changing default hash in htpasswd/htdbm to sha1 for 2.2.x?

As long as the default doesn't change *to* crypt/plaintext, nobody is
hurt, right?  Or do we support the use of htpasswd/htdbm to build
password files for other applications, which might not use apr-util to
check the user/passwd record?  (Those users would need to start
overriding the defaults to make it store in the same format as
before.)

Re: migration concerns changing default hash in htpasswd/htdbm to sha1 for 2.2.x?

Posted by Jorge Schrauwen <jo...@gmail.com>.

if i understands wrowe's explanation correctly...
the htpasswd on unix/linux is uid:crypted_pw
so i'd use that as default... and a specific option to overwrite that.

or and ident tag for plain
user:{txt}password for example

On 4/12/06, Jeff Trawick <tr...@gmail.com> wrote:
>
> As long as the default doesn't change *to* crypt/plaintext, nobody is
> hurt, right?  Or do we support the use of htpasswd/htdbm to build
> password files for other applications, which might not use apr-util to
> check the user/passwd record?  (Those users would need to start
> overriding the defaults to make it store in the same format as
> before.)
>



--
~Jorge