-n Don't update file; display results on stdout.
-m Force MD5 encryption of the password.
-d Force CRYPT encryption of the password (default).
-p Do not encrypt the password (plaintext).
-s Force SHA encryption of the password.
-b Use the password from the command line rather than prompting for
it.
-D Delete the specified user.
On Windows, TPF and NetWare systems the '-m' flag is used by default.
On all other systems, the '-p' flag will probably not work.As you can see, it is not a difficult command to use. For example, to create a
new user file named gnulixusers with a user named wsb, you need to do
something like this:
Click here to view code image
matthew@seymour:~$ sudo htpasswd -c gnulixusers wsb
You are then prompted for a password for the user. To add more users, repeat
the same procedure but without the -c flag.
You can also create user group files. The format of these files is similar to that
of /etc /groups. On each line, enter the group name, followed by a colon
(:), and then list all users, with users separated by spaces. For example, an
entry in a user group file might look like this:
Click here to view code image
gnulixusers: wsb pgj jp ajje nadia rkr hak
Now that you know how to create a user file, it’s time to look at how Apache
might use such a file to protect web resources.
To point Apache to the user file, use the AuthUserFile directive.
AuthUserFile takes the file path to the user file as its parameter. If the file
path is not absolute—that is, beginning with a /—it is assumed that the path
is relative to the ServerRoot. Using the AuthGroupFile directive, you
can specify a group file in the same manner.
Next, use the AuthType directive to set the type of authentication to be used
for this resource. Here, the type is set to Basic.
Now you need to decide to which realm the resource will belong. Realms are
used to group different resources that will share the same users for
authorization. A realm can consist of just about any string. The realm is
shown in the Authentication dialog box in the user’s web browser. Therefore,
you should set the realm string to something informative. The realm is
defined with the AuthName directive.