How do I add additional users. I have tried removing the -c flag from the htdigest command and that did not work.

any advice?

Use the following command:
Substitute the username you want to add for <newuser>. Make sure to su to root first.

perfect. thanks, I was missing the mythtv part.

Just a note: make sure the real has proper capitalization. I needed to use "MythTV" rather than all lowercase "mythtv"

For the sake of a complete how-to, can someone verify that this is the correct method for R5B7?

- run the script "ToggleWebSecurity.sh -mythweb"
- used the command "htdigest -c /var/www/htdigest MythTV -username-"
- enter a new password twice
- edit the file /etc/apache/httpd.conf and add the lines

- save the file
- restart Apache with "/etc/init.d/apache restart"

(Note, that the spelling of MythTV in the htdigest command is the same spelling and letter case as in the AuthName line.)

- login to the IP address of the Myth box (using Firefox)

This seems to work to give password protected access to the Mythbox.

Eric

_________________
KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner

Mythweb should already be secured on a fresh install of R5B7. There is no reason to do these steps. If your fresh install had an unsecure mythweb then please give us some details so that the developers can find the problem.

When I first logged into the KnoppMyth machine with a web browser from a Windows machine on the network, I was NOT asked for a username or password. That's why I went in search of the security ON switch.

So, the evidence shows that R5B7 security doesn't work as intended.

Another person had the same experience.
http://mysettopbox.tv/phpBB2/viewtopic. ... t=security

added 5-13-06

I just did another clean install of KnoppMyth R5B7 today. I tested the WebMyth security before making any changes - wide open - no passwords asked for.
After I ran the ToggleWebSecurity.sh script twice, (once to turn it off, and once more to turn it on), THEN I was asked for a password.

Hello developers: So what info will help you fix this bug?

Eric

_________________
KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner

I just upgraded to R5C7 and the digest password usage caught me unawares. I use a download manager to leech files to my work computer from home so digest passwords kill any chance of that, and I couldn't find any help on here how to revert to the BasicAuth tutorial that I have used for so long. Here's what I did:

change /etc/apache/httpd.conf - comment out all the lines starting with AuthType Digest and add in the ones for BasicAuth

use htpasswd to create a user in the /etc/apache/basicauth file, then give it a password

edit /etc/apache/modules.conf and comment out the lines with pam_auth_module and digest_auth_module

restart apache

hooray I can copy files again!

amazing.....after hours and hours of reading, "mucking" around I solved mine too with the help of this post.

I used the htdigest command without the path with no luck.

Using the htdigest command WITH the path and the problem is instantly fixed.

Little things like that are really frustrating.

Thanks to the original poster for the clue.

Im a Linux Noob, this is just an Idea.
For me this way worked to secure Mythweb:

nano /etc/apache/httpd.conf
Ctrl.+w search for directory /var/www
a few lines below has to be
AllowOverride All
AuthType Digest
AuthName "MythTV"
AuthUserFile /var/www/htdigest
Require valid-user

(delete the # in front of the lines)

create Password:
htdigest -c /var/www/htdigest MythTV mythtv
2 x Question for new password.
if the file allready exists:
htdigest /var/www/htdigest MythTV mythtv
other username:
htdigest /var/www/htdigest MythTV yourname

Edit the file:
/usr/share/mythtv/mythweb/.htaccess
AuthType Digest
AuthName "MythTV"
AuthUserFile /var/www/htdigest
Require valid-user

Open mythweb with:
http:// IP /mythweb/mythweb.php

It looks like there is no need to edit any sort of httpd.conf file with R5F1. I searched my system and there is none. (Actually there is a /etc/apache2/httpd.conf file, but it is empty.)

So, in R5F1 all I did was setup the usernames and passwords for the Mythweb users as follows:

- log in to a command line as root
- use the command "htdigest -c /etc/htdigest MythTV -username-"
- enter your new password twice
- restart Apache with "/etc/init.d/apache2 restart"

Is there any more to it in R5F1?

Any additions encouraged!
Eric

_________________
KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner