How to automate generation of htpasswd from command line without typing password?

Asked 15/4, 2012 at 17:9 Answered 4/5, 2019 at 11:49

I am trying to automate creating a password from the command line. I have tried the below but it still keeps asking for the password.

echo "test101" | htpasswd -c ~/temp/password admin

How to generate automate htpasswd from command line without typing password?

Aigneis answered 15/4, 2012 at 17:9 Comment(0)

Why not just use:

htpasswd -b -c ~/temp/password admin test101

Aristaeus answered 15/4, 2012 at 17:12 Comment(2)

Although it's old: Because all other users on the same system may be able see "test101" in /proc/<uid>/cmdline for a short moment, if they are watching. – Passible 4/3, 2019 at 21:25

This is the case if your system has more than 1 users, for creating initial example to setup a server and generate htpasswd, this will have no problem. – Divider 25/12, 2020 at 23:3

If you don't have htpasswd installed (for example when using nginx) you can generate a password with openssl.

printf "USER:$(openssl passwd -crypt PASSWORD)\n" >> .htpasswd

Alaniz answered 5/10, 2018 at 9:58 Comment(4)

-crypt is considered insecure today. You can use -apr1 instead. – Ama 21/7, 2019 at 13:44

Nginx also accepts SHA-256, that's even better then APR1 (MD5), for that use -5 instead. – Ama 21/7, 2019 at 13:54

@GustavoVargas I've used this in the past but now it gives an error: passwd: Option unknown option -5. – Advisement 24/1, 2021 at 15:17

@FabianBarney maybe your openssl is outdated. Take a look on this openssl command line reference: mkssoftware.com/docs/man1/openssl_passwd.1.asp – Ama 24/1, 2021 at 22:15

The -b switch should do the trick, but the password will still be visible to other users on the system via the process list (ps etc):

htpasswd -b -c ~/temp/password admin test101

Panter answered 15/4, 2012 at 17:13 Comment(0)

From the man page of htpasswd we get this:

-i Read the password from stdin without verification (for script usage).

So just acording to your question something like this should work:

echo "test101" | htpasswd -c -i ~/temp/password admin

But the password will be visible in history and process list.

To automate creating a password from the command line i would write the plain password to a file and do something like that:

htpasswd -c -i ~/temp/password admin < ~/temp/pass_plain

Afterwards delete the pass_plain file.

Also make sure the pass_plain file is not readable by anyone else, also if its just there for a few seconds.

Od answered 4/5, 2019 at 11:49 Comment(3)

This feature was added between httpd-tools-2.2.15-69 (CentOS 6) and before httpd-tools-2.4.6-88 (CentOS 7) so it is not universally available. – Cortex 26/11, 2019 at 13:53

sudo apt-get install apache2-utils in case of ubuntu – Judijudicable 2/10, 2021 at 4:15

To avoid the history/process list issue, wouldnt it be easier and simpler to just cat and pipe? Something like cat ~/temp/pass_plain | htpasswd -c -i ~/temp/password admin? – Synthesis 26/9, 2023 at 16:52

Recommended topics

Hot tags