1 This directory includes some utilities to allow Apache 1.3.6 to
2 recognize passwords in SHA1 format, as used by Netscape web servers.
4 From Netscape's admin interface, export the password database to an
5 ldif file and then use convert.pl in this distribution to generate
6 apache style password files.
8 Note: SHA1 support is useful for migration purposes, but is less
9 secure than Apache's password format, since Apache's (MD5)
10 password format uses a random eight character salt to generate
11 one of many possible hashes for the same password. Netscape
12 uses plain SHA1 without a salt, so the same password
13 will always generate the same hash, making it easier
14 to break since the search space is smaller.
16 This code was contributed by Clinton Wong <clintdw@netcom.com>.
22 takes an ldif dump from Netscape's web server on
23 standard in, outputs apache htpasswd format on standard out.
25 Usage: convert.pl < ldif > passwords
28 perl script to generate entries in apache htpasswd format.
30 Usage: htpasswd-sha1.pl some_user some_password
33 sample ldif dump with one sha1 password and one crypt password.