[TriLUG] apache passwd management strategies (subversion)
Rick DeNatale
rick.denatale at gmail.com
Thu Sep 22 17:08:40 EDT 2005
On 9/22/05, Tanner Lovelace <clubjuggler at gmail.com> wrote:
> Why don't you, instead of using htpasswd files, use something
> like mod_auth_pam?
I hadn't heard of this beast before. I guess that since it's using
basic authentication from an apache configuration point of view, the
passwords get sent in the clear, and the MD5 digest is computed in the
apache process.
I never thought about how secure (or actually insecure) the
Apache/HTTP password protocols were until this thread got me doing a
bit of googling.
--
Rick DeNatale
Visit the Project Mercury Wiki Site
http://www.mercuryspacecraft.com/
More information about the TriLUG
mailing list