How does one do this from the command line when one doesn't have access to the service menu?

Thanks.

You should be able to set / change the web password by editing /etc/lighttpd/lighttpd.user

The format is:

user:pass
other-user:pass

for example:

mythtv:secret
ceenvee703:supersecret


Then be sure to restart lighttpd with: sv restart lighttpd

Hope this helps!

Martian

_________________
ABIT NF-M2 nView | Athlon 64 X2 3800+ | 2GB DDR2 800 | HDHomerun | GeForce 6150 (onboard) | WD 640 GB SATA HD | DVD-RW (sata) | StreamZap IR receiver with Logitech Harmony remote

Vizio 37" LCD HDTV (1080p)

Martian, thanks for the help. Unfortunately I think I need to edit something else besides creating that lighttpd.user file.... I added that and I got no prompt for a password when trying to access the server.

I then went into lighttpd.conf and about line 295 (in mine anyway) there's a section for "auth module" that was all commented out. I can uncomment the first three lines (auth.backend, auth.backend.plain.userfile and auth.backend.plain.groupfile) and everything's fine, but if I uncomment the "auth.require" section the webserver gives me "unable to connect" errors.

It also takes suspiciously long to do the "sv restart lighttpd" after uncommenting that section, and I have to do it three or four times to get it to give me an "ok" prompt (it says "timeout: down lighttpd: 1s, normally up, want up" when it doesn't restart).

I'll nose around some more about editing lighttpd.conf for authentication, but if you have it working and can check that part of your lighttpd.conf file, I'd appreciate it. Thanks again.

Ah yes, I think I know what the problem is. I also have a file named "auth-inc.conf"

which contains:



You can replace "valid-user" with "user=your username"

You will need to have the following line in your lighttpd.conf (mine is just after #### include)



Hopefully I haven't forgotten anything else.

Martian

_________________
ABIT NF-M2 nView | Athlon 64 X2 3800+ | 2GB DDR2 800 | HDHomerun | GeForce 6150 (onboard) | WD 640 GB SATA HD | DVD-RW (sata) | StreamZap IR receiver with Logitech Harmony remote

Vizio 37" LCD HDTV (1080p)

Thanks, that got me 99% of the way there. I already had the "auth-inc.conf" file and it contained the same code yours did.

My lighttpd.conf file also had the include line, but it was commented out, so I uncommented and restarted. Still no luck.

Then I realized I still had those other auth module lines uncommented at line 295. I recommented those and viola, authorization was working.

Thanks again for the help.

Great!!! - Glad to hear you got it.

I case you want to take this a little further - to secure phpMyAdmin perhaps? you can do something like this:



I'm running rutorrent (which is a web frontend to rtorrent) which is why I have the /torrent section.

_________________
ABIT NF-M2 nView | Athlon 64 X2 3800+ | 2GB DDR2 800 | HDHomerun | GeForce 6150 (onboard) | WD 640 GB SATA HD | DVD-RW (sata) | StreamZap IR receiver with Logitech Harmony remote

Vizio 37" LCD HDTV (1080p)

Just to confirm, if I wanted to authenticate everything, rather than directory by directory, I could just change "/mythweb" to "/" ?

I believe that will work although I haven't tried it.

The Lighttpd way is fairly new to me, I'm used to .htaccess files in Apache. Should be easy to test and see though.

Martian

_________________
ABIT NF-M2 nView | Athlon 64 X2 3800+ | 2GB DDR2 800 | HDHomerun | GeForce 6150 (onboard) | WD 640 GB SATA HD | DVD-RW (sata) | StreamZap IR receiver with Logitech Harmony remote

Vizio 37" LCD HDTV (1080p)

Yep, that was it. Thanks again.

I opened a flyspray to enable security on all pages a while ago. In lists the necessary changes.

http://linhes.org/flyspray/index.php?do ... ask_id=421

_________________
ASUS AT3N7A-I (Atom 330)
TBS 8922 PCI (DVB-S2)