[thelist] crypt, salt, and htaccess

deke web at master.gen.in.us
Thu Jan 2 10:27:01 CST 2003

I'm trying to "roll my own" web interface for htaccess access control.

The format for the password file is apparently
where PASSWORD is actually the crypt() of the *real* password.

But I can't see how to tell Apache what the *salt* is. How can Apache
encrypt an entered password and see if it matches the stored password,
if it doesn't know what salt was used?

If I have seen farther than others, it is by stepping on the toes of

More information about the thelist mailing list