The private authentication file (AuthFile or "svpasswd") requires that you supply a password for authenticating each username. The password can be entered as plain text for convenience. But a more secure option is to enter a password hash.
The mkpasswd program, included in the "Server Files" folder, will generate a password hash suitable for the accompanying server platform. You may then copy this hash into the password field of an AuthFile user record. It has the following syntax:
If you do not include the password on the command line, mkpasswd will securely prompt you to enter it.
mkpasswd does not change your AuthFile. The hash must be copied into the password field of an AuthFile record and the server restarted or reloaded for the new password to take effect.
The Windows version of mkpasswd will generate a 128-bit MD5 hash. As an alternative to running mkpasswd.exe in a command shell, you may also double click on mkpasswd.exe and enter the password when prompted. The hash value will be automatically copied to the Windows clipboard.
On all other platforms, mkpasswd will generate a unix crypt hash.
Here is an example of a unix crypt hash:
# mkpasswd foobar Unix crypt hash: gsi529mAB9kRA
Here is an example of prompting for the password:
# mkpasswd Enter a new password: Unix crypt hash: Ls3A5Fxl0EGAY
Here is a Windows example:
C:\ExpeDat> mkpasswd.exe foobar Windows md5 hash: 3858F62230Ac3c915f300c664312C63f
Here is what an AuthFile entry might look like:
paul:3858F62230Ac3c915f300c664312C63f:::C:\Documents and Settings\paul:RestrictHome
Windows servers require MD5 hashes while unix servers require unix crypt hashes. So if you move an AuthFile from a Windows system to a unix system or vice-versa, you must update the password hashes.
The Apache web server's htpasswd utility is also known to generate appropriate password hashes for use with servedat. However, htpasswd should not be used to edit an AuthFile because it will erase all of the fields after the password.