Author |
Message |
sjwanta
|
Posted: Sat May 06, 2006 8:36 am |
|
Joined: Sat Apr 29, 2006 10:04 am
Posts: 20
|
How do I add additional users. I have tried removing the -c flag from the htdigest command and that did not work.
any advice?
|
|
Top |
|
|
ryanpatterson
|
Posted: Sat May 06, 2006 11:14 am |
|
Joined: Fri Aug 26, 2005 9:54 pm
Posts: 617
|
sjwanta wrote: How do I add additional users. I have tried removing the -c flag from the htdigest command and that did not work.
any advice?
Use the following command: Code: htdigest /var/www/htdigest mythtv <newuser>
Substitute the username you want to add for <newuser>. Make sure to su to root first.
|
|
Top |
|
|
sjwanta
|
Posted: Sun May 07, 2006 6:44 am |
|
Joined: Sat Apr 29, 2006 10:04 am
Posts: 20
|
perfect. thanks, I was missing the mythtv part.
Just a note: make sure the real has proper capitalization. I needed to use "MythTV" rather than all lowercase "mythtv"
Last edited by sjwanta on Mon May 08, 2006 11:28 am, edited 1 time in total.
|
|
Top |
|
|
neutron68
|
Posted: Sun May 07, 2006 5:43 pm |
|
Joined: Tue Mar 28, 2006 8:26 pm
Posts: 804
Location:
Minneapolis, MN
|
For the sake of a complete how-to, can someone verify that this is the correct method for R5B7?
- run the script "ToggleWebSecurity.sh -mythweb"
- used the command "htdigest -c /var/www/htdigest MythTV -username-"
- enter a new password twice
- edit the file /etc/apache/httpd.conf and add the lines
Code: AllowOverride All AuthType Digest AuthName "MythTV" AuthDigestFile /var/www/htdigest Require valid-user
- save the file
- restart Apache with "/etc/init.d/apache restart"
(Note, that the spelling of MythTV in the htdigest command is the same spelling and letter case as in the AuthName line.)
- login to the IP address of the Myth box (using Firefox)
This seems to work to give password protected access to the Mythbox.
Eric
_________________ KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner
Last edited by neutron68 on Tue Jul 04, 2006 10:18 pm, edited 2 times in total.
|
|
Top |
|
|
ryanpatterson
|
Posted: Mon May 08, 2006 5:52 am |
|
Joined: Fri Aug 26, 2005 9:54 pm
Posts: 617
|
neutron68 wrote: For the sake of a complete how-to, can someone verify that this is the correct method for R5B7?
Mythweb should already be secured on a fresh install of R5B7. There is no reason to do these steps. If your fresh install had an unsecure mythweb then please give us some details so that the developers can find the problem.
|
|
Top |
|
|
neutron68
|
Posted: Mon May 08, 2006 12:30 pm |
|
Joined: Tue Mar 28, 2006 8:26 pm
Posts: 804
Location:
Minneapolis, MN
|
When I first logged into the KnoppMyth machine with a web browser from a Windows machine on the network, I was NOT asked for a username or password. That's why I went in search of the security ON switch.
So, the evidence shows that R5B7 security doesn't work as intended.
Another person had the same experience.
http://mysettopbox.tv/phpBB2/viewtopic. ... t=security
added 5-13-06
I just did another clean install of KnoppMyth R5B7 today. I tested the WebMyth security before making any changes - wide open - no passwords asked for.
After I ran the ToggleWebSecurity.sh script twice, (once to turn it off, and once more to turn it on), THEN I was asked for a password.
Hello developers: So what info will help you fix this bug?
Eric
_________________ KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner
Last edited by neutron68 on Tue Aug 01, 2006 9:15 pm, edited 2 times in total.
|
|
Top |
|
|
cwapface2
|
Posted: Thu May 25, 2006 11:41 am |
|
Joined: Thu Feb 09, 2006 9:34 am
Posts: 10
|
I just upgraded to R5C7 and the digest password usage caught me unawares. I use a download manager to leech files to my work computer from home so digest passwords kill any chance of that, and I couldn't find any help on here how to revert to the BasicAuth tutorial that I have used for so long. Here's what I did:
change /etc/apache/httpd.conf - comment out all the lines starting with AuthType Digest and add in the ones for BasicAuth
use htpasswd to create a user in the /etc/apache/basicauth file, then give it a password
edit /etc/apache/modules.conf and comment out the lines with pam_auth_module and digest_auth_module
restart apache
hooray I can copy files again!
|
|
Top |
|
|
VXAgent
|
Posted: Tue Jul 04, 2006 3:23 pm |
|
Joined: Sun Nov 13, 2005 1:24 pm
Posts: 11
|
amazing.....after hours and hours of reading, "mucking" around I solved mine too with the help of this post.
I used the htdigest command without the path with no luck.
Using the htdigest command WITH the path and the problem is instantly fixed.
Little things like that are really frustrating.
Thanks to the original poster for the clue.
|
|
Top |
|
|
vancouverbc
|
Posted: Tue Jul 18, 2006 6:47 am |
|
Joined: Tue Jul 18, 2006 3:07 am
Posts: 2
|
Im a Linux Noob, this is just an Idea.
For me this way worked to secure Mythweb:
nano /etc/apache/httpd.conf
Ctrl.+w search for directory /var/www
a few lines below has to be
AllowOverride All
AuthType Digest
AuthName "MythTV"
AuthUserFile /var/www/htdigest
Require valid-user
(delete the # in front of the lines)
create Password:
htdigest -c /var/www/htdigest MythTV mythtv
2 x Question for new password.
if the file allready exists:
htdigest /var/www/htdigest MythTV mythtv
other username:
htdigest /var/www/htdigest MythTV yourname
Edit the file:
/usr/share/mythtv/mythweb/.htaccess
AuthType Digest
AuthName "MythTV"
AuthUserFile /var/www/htdigest
Require valid-user
Open mythweb with:
http:// IP /mythweb/mythweb.php
|
|
Top |
|
|
Zerfram
|
Posted: Wed Aug 16, 2006 4:43 pm |
|
Joined: Sun Apr 02, 2006 2:07 pm
Posts: 12
|
|
Top |
|
|
neutron68
|
Posted: Mon Jun 18, 2007 9:10 pm |
|
Joined: Tue Mar 28, 2006 8:26 pm
Posts: 804
Location:
Minneapolis, MN
|
It looks like there is no need to edit any sort of httpd.conf file with R5F1. I searched my system and there is none. (Actually there is a /etc/apache2/httpd.conf file, but it is empty.)
So, in R5F1 all I did was setup the usernames and passwords for the Mythweb users as follows:
- log in to a command line as root - use the command "htdigest -c /etc/htdigest MythTV -username-" - enter your new password twice - restart Apache with "/etc/init.d/apache2 restart"
Is there any more to it in R5F1?
Any additions encouraged!
Eric
_________________ KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner
|
|
Top |
|
|