Basic Auth Password Manager. Manages basic auth password files. This replaces the functionality provided by htpasswd from Apache. It also provides modern hash functions, such as argon2 and pbkdf2_sha512, which are far superior.
- All git tags are signed with [email protected] key which is available via WKD or download from https://www.sapience.com/tech. Add the key to your package builder gpg keyring. The key is included in the Arch package and the source= line with ?signed at the end can be used to verify the git tag. You can also manually verify the signature
To add or modify a user and write the resulting password file:
nginx-passwd -f <password_file> <user>If file is not specified, then the result is written to stdout.
The supported algortithms are:
* Modern : argon2, pbkdf2_sha512, pbkdf2_sha256 * Active : sha512, sha256, bcrypt * Deprecated: md5, apr_md5/apr1
and sha256 is the default.
These older and now deprecated algorithms (md5, apr_md5) are still supported but should be replaced by one of the active ones.
Aside, apr_md5 also known as apr1, is the ancient apache variant of md5.
The options are given below and nginx-passwd -h provides a help summary.
Positional Argument:
username
required argument.
(-h, --help)
show help message and exit
(-f, --passwd_file) <password_file>
Write to this Password file
(-a, --algo) <algorithm>
Default is sha256. Can be one of:
* Modern : argon2, pbkdf2_sha512, pbkdf2_sha256 * Active : sha512, sha256, bcrypt * Deprecated: md5, md5_apr1(-p, --passwd) <password>
Password as an option. Without this it will be read from stdin.
(-D, --delete)
Delete this user from the password file.
(-v, --verify)
Checks that the provided password matches that in the password file
- Available on
On Arch you can build using the PKGBUILD provided in packaging directory or from the AUR package. To build manually, clone the repo and do:
rm -f dist/* /usr/bin/python -m build --wheel --no-isolation root_dest="/" ./scripts/do-install $root_dest
When running as non-root then set root_dest a user writable directory
- Run Time :
- python (3.9 or later)
- passlib
NB versions 1.1 and earlier used openssl - all newer version now use python passlib library.
- Building Package:
- git
- hatch (aka python-hatch)
- wheel (aka python-wheel)
- build (aka python-build)
- installer (aka python-installer)
- rsync
- Optional for building docs:
- sphinx
- texlive-latexextra (archlinux packaguing of texlive tools)
We follow the live at head commit philosophy. This means we recommend using the latest commit on git master branch. We also provide git tags.
This approach is also taken by Google [1] [2].
Created by Gene C. It is licensed under the terms of the MIT license.
- SPDX-License-Identifier: MIT
- SPDX-FileCopyrightText: © 2023-present Gene C <[email protected]>
| [1] | https://github.com/google/googletest |
| [2] | https://abseil.io/about/philosophy#upgrade-support |