How do you htdigest 400 user accounts?

You can also check out the python script that trac distributes on their website for htdigest passwords, you can then automate it:

Generating htdigest passwords without Apache

They also suggest something along these lines will work:

It is possible to use md5sum utility to generate digest-password file using such method:

$ printf "${user}:trac:${password}" | md5sum - >>user.htdigest

and manually delete " -" from the end and add "${user}:trac:" to the start of line from 'to-file'.

I have tested this on FreeBSD, not sure if this will work on Linux or Windows, so you may need to modify it a little:

(echo -n "user:realm:" && echo -n "user:realm:testing" | md5) > outfile

outfile contains:

user:realm:84af20dd88a2456d3bf6431fe8a59d16

Same thing with htdigest:

htdigest -c outfile2 realm user

output in outfile2

user:realm:84af20dd88a2456d3bf6431fe8a59d16

They are both the same, thereby proving correctness of the command line implementation!

(Aside: On unix/linux the first one should be:

echo password | htdigest -c realm username$1

)

As htdigest doesn't have any nice way to pass the password in, I would use expect to automate the process.

An example from http://www.seanodonnell.com/code/?id=21:

#!/usr/bin/expect##########################################$ file: htpasswd.sh#$ desc: Automated htpasswd shell script##########################################$#$ usage example:#$#$ ./htpasswd.sh passwdpath username userpass#$######################################set htpasswdpath [lindex $argv 0]set username [lindex $argv 1]set userpass [lindex $argv 2]# spawn the htpasswd command processspawn htpasswd $htpasswdpath $username# Automate the 'New password' Procedureexpect "New password:"send "$userpass\r"expect "Re-type new password:"send "$userpass\r"

It's left as an exercise to the user to convert this for Windows if required.

Here is a script that will read in a list of user names, generate a random password for each, and output them to both an htdigest file, and a plain text file. It has been tested on Linux, but may need to be modified for other systems. In particular, md5sum may be md5, and head does always accept the -c flag.

#!/bin/bash# auth realm for digest authAUTH_REALM=MyRealm# file locations# a file containing a list of user names,# one name per line, e.g.,# $ cat users.txt# joe# curly# larryUSER_FILE=users.txt# htdigest file, needs to existHTDIGEST_FILE=passwd.htdigest# insecure password filePASSWD_FILE=passwd.txt# read the names from the user filewhile read username  do  # generate a pseudo-random password  rand_pw=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8`  # hash the username, realm, and password  htdigest_hash=`printf $username:$AUTH_REALM:$rand_pw | md5sum -`  # build an htdigest appropriate line, and tack it onto the file  echo "$username:$AUTH_REALM:${htdigest_hash:0:32}" >> $HTDIGEST_FILE  # put the username and password in plain text  # clearly, this is terribly insecure, but good for  # testing and importing  echo "$username:$rand_pw" >> $PASSWD_FILEdone < $USER_FILE

This is what the input and results look like, first the user names file:

$ cat users.txt joecurlylarry

Running the script:

$ ./load_users.bash 

The resulting htdigest file:

$ cat passwd.htdigestjoe:MyRealm:2603a6c581f336f2874dbdd253aee780curly:MyRealm:fd3f9d87bba654439d5ba1f32c0286a8larry:MyRealm:c1c3c0dc50a9b97e9f7ee582e3fce892

And the plain text file:

$ cat passwd.txt joe:aLnqnrv0curly:3xWxHKmvlarry:7v7m6mXY