htadm and htpasswd

---

• From: "Arun" <jacob.arun@xxxxxxxxx>
• Date: 26 Apr 2006 05:46:40 -0700

---

Background
=====================
Currently, we have an web application running on an OS/390 mainframe
under mainframe Unix Shared Services. The webserver is IBM HTTP Server,
which is a rebranded version of Apache.

This application is being migrated to AIX.

Currently in the mainframe, the password hashing and verification is
being done by a utility called HTADM that comes with IBM HTTP Server on
OS/390.
For generating a hash of a plaintext_pwd, HTADM uses the Unix crypt(3)
with a random 2 char salt. 1st 2 chars of the generated hash_pwd gives
back the salt.
To verify a cleartext_pwd against the stored hash_pwd for a user, HTADM
takes the 1st 2 chars of the hash_pwd as the salt and passes it with
the cleartext_pwd to crypt(3) to generate another hash. This newly
generated hash should be the same as the stored hash_pwd.
http://en.wikipedia.org/wiki/Crypt_(Unix)#Library_Function

My questions
======================

HTADM is not available on IBM HTTP Server for Apache. How can I get it?

I can find only htpasswd, which is limited in functionality compared to
htadm

htpasswd limitation is that it cannot verify a stored hash_password against a cleartext_pwd specified as input. Is there some way I am missing out, to use htpasswd to verify a stored hash_password

I have got a set of cleartext_pwd ----> hash_pwd mappings generated on OS/390 using HTADM. Now i tried to verify if I could get the same hash_pwd using a separate implementation of crypt(3) found on this website -

http://javascript.internet.com/passwords/unix-crypt(3)-encryption.html

But the hash generated using this separate implementation does not
match.
So is crypt(3) implemented differently on OS/390 comapred to AIX and
other Unix OS's??


Thanks in advance

.

---

• Prev by Date: Apache RewriteRule causing double GET requests to tomcat
• Next by Date: Problem with Redirecting silently some users
• Previous by thread: Apache RewriteRule causing double GET requests to tomcat
• Next by thread: Problem with Redirecting silently some users
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Sorts (revised) ... >do all that with a mainframe and keep the costs really low. ... Unix because I found it 'cryptic'. ... The only difference is cost .. ... I worked on Major Big Time databases containing billions of rows. ... (comp.lang.cobol) Re: How many other editors in use ... heard that IBM had actually *done* it. ... it seemed to be a fairly complete UNIX ... There are an assortment of mainframe programs that advertise things like ... no matter how many manuals I accumulated. ... (comp.editors) Re: Power5 and Cell, new issue of IBM Journal of R&D ... a little hypervisor topic drift from a thread in a.f.c ... ... i've previously posted on the erep/ras issue for mainframe unix ports ... (comp.arch) Re: Enquiry regarding Linux in Mission Critical situation ... In Windows, it is very posible for one application to corrupt the ... under UNIX is it much harder. ... > IBM mainframe is down 5 minutes per year (mainframe has redundancy built ... Linux is ideal as a server for most Internet services. ... (comp.os.linux.security) Re: Enquiry regarding Linux in Mission Critical situation ... In Windows, it is very posible for one application to corrupt the ... under UNIX is it much harder. ... > IBM mainframe is down 5 minutes per year (mainframe has redundancy built ... Linux is ideal as a server for most Internet services. ... (comp.os.linux.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)