5 UNIX / Linux Apache HTTPD htdigest Password Command Examples

When you are using HTTP digest authentication, you need to specify the list of users who can access the secured page. Use the htdigest command as explained in this article to manipulate the password file that is used by Apache HTTPD digest authentication.

htdigest command syntax: htdigest [-c] passwordfile realm username

1. Create a new Apache Password file (and add a new user)

The following command will create a new password file called httpd-pwd-file, and add “ramesh” user to the file. “sysadmin” is the name of the real specified in this example. You can use any value for a realm that matches your environment.

This command will also ask you to enter the password for the user “ramesh”

# htdigest -c httpd-pwd-file sysadmin ramesh
Adding password for ramesh in realm sysadmin.
New password:
Re-type new password:

Warning: Use -c flag only when you want to create a new password file. If you give -c by mistake, and if the password file already exist, it will be deleted. i.e it will overwrite all the user entries that are already present in the password file.

2. Apache Password File Format

The password file created by the htdigest command is a text file, which you can view it. The context of the file will be in the following format:

user-name:real-name:encrypted-password

For example, if you do a cat on the file that we created above, you’ll see something like the following:

# cat httpd-pwd-file
ramesh:sysadmin:1b2c1be8667731e7289

3. Add (i.e Append) another User to Apache Password file

If you already have users defined in an existing apache password file, you can add new users as shown below.

The following example will add user “john” to the existing httpd-pwd-file in the “dba” realm

# htdigest httpd-pwd-file dba john
Adding user john in realm dba
New password:
Re-type new password:

Now if you view the password file you’ll see both ramesh and john as shown below.

# cat httpd-pwd-file
ramesh:sysadmin:1b2c1be8667731e7289
john:dba:aef90cec4e38be591b5293c

4. Change Password of an User in Apache Password file

To change the password of an existing user in the password file, just do the same thing like creating an user, but enter a new password.

The following command will change the password for the user ramesh in the password file. Please note that “ramesh” doesn’t exist, it will create it.

# htdigest httpd-pwd-file sysadmin ramesh
Changing password for user ramesh in realm sysadmin
New password:
Re-type new password:

5. Adding an User to Multiple Realms in Password File

If you want to add the same user to multiple realms, you just need to add the user to a particular realm. This is similar to adding a user to a new realm.

The following example will add user “john” to the existing httpd-pwd-file in the “sysadmin” realm

# htdigest httpd-pwd-file sysadmin john
Adding user john in realm sysadmin
New password:
Re-type new password:

Now, if you view the password file, you’ll see two entries for John, as he belongs to different realms. Please note that the password for john on these two realms could be different, depending on what you entered as password while adding the user to that particular realm.

# cat httpd-pwd-file
ramesh:sysadmin:1b2c1be8667731e7289
john:dba:aef90cec4e38be591b5293c
john:sysadmin:04672b3524ca0029340aef90

Delete an User from the Apache Password File

To delete an user from the Apache password file, you can simple vi the apache password file, and delete the particular line item from the password file.

Comments on this entry are closed.