This is a dynamic password system for the basic authentication that exists with the Apache web server. Files ===== dgroup - group listing in Apache compatible format. # This file is read by Apache to look for valid users in its access group for a particular realm. # it is also used by the dynagenpass Perl script to create new sets of passwords for users dpass - password file in Apache compatible format. # This file has the current, trapdoored passwords that Apache looks at. # It is generated automatically, on the hour by the dynaudpass (Dynamic UpDate Password) perl script from the list of passords in the pd[user] files. dynagenpass - Dynamic Generator (of) Passwords - Perl script. It looks at the list of users in the dgroup user list and generates a list of passwords for each user. These lists are in the form dp[user] so, for a user called fred, he has a file called dpfred. dynaudpass - Dynamic UpDate Passwords - Perl Script. This program rewrites the dpass file with the current trapdoored passwords. It looks up the current password for each user (from the dp[user] filr) and then generates the trapdoor line for each user that then goes into the dpass file. This program should run on a crontab Use === Initial ------- 1) Go into the daccess directory, open up a shell and run ./dynagenpass. 2) print out the dp[user] file. 3) the httpd.conf section should read something like this... AllowOverride AuthConfig Options Indexes FollowSymLinks Order allow,deny Deny from all AuthType Basic AuthName "secrets test" AuthUserFile /etc/httpd/daccess/dpass AuthGroupFile /etc/httpd/daccess/dgroup Require group dg1 Satisfy Any Ongoing ------- 1) steps 1 and 3 as above 2) When the crontab updates the dpass file, look up the current password and that should give you access.