HtPasswd
by BytesAgain
Generate htpasswd entries for Apache/Nginx basic auth password management. Use when creating credentials, managing password files, or verifying users.
安装
claude skill add --url github.com/openclaw/skills/tree/main/skills/bytesagain1/htpasswd文档
HtPasswd
A real htpasswd file manager for Apache/Nginx HTTP basic authentication. Create password files, add/remove users, verify passwords, and list users. Supports apr1 (Apache MD5), SHA-256, and SHA-512 hash algorithms via openssl.
Commands
| Command | Description |
|---|---|
htpasswd create <file> <user> <password> | Create a new htpasswd file with the first user (fails if file exists) |
htpasswd add <file> <user> <password> | Add a user to an existing file (or update password if user exists) |
htpasswd delete <file> <user> | Remove a user from the htpasswd file |
htpasswd verify <file> <user> <password> | Verify a user's password (supports apr1, sha256, sha512, sha1, crypt) |
htpasswd list <file> | List all users with their hash algorithm type |
htpasswd version | Show version |
htpasswd help | Show available commands and usage |
Configuration
| Variable | Default | Description |
|---|---|---|
HTPASSWD_ALGO | apr1 | Hash algorithm: apr1, sha256, or sha512 |
Requirements
- Bash 4+ (
set -euo pipefail) openssl— for password hashing and verificationgrep,sed— standard text utilities- No external dependencies or API keys
When to Use
- Setting up basic auth —
htpasswd create /etc/nginx/.htpasswd admin secretto create a new file - Managing users —
htpasswd addto add users,htpasswd deleteto remove them - Password verification —
htpasswd verifyto check if a password is correct - Security audits —
htpasswd listshows all users and their hash types - Stronger hashing — Set
HTPASSWD_ALGO=sha512for SHA-512 instead of default apr1
Examples
# Create a new htpasswd file
htpasswd create /etc/nginx/.htpasswd admin MySecretPass
# Add another user
htpasswd add /etc/nginx/.htpasswd editor AnotherPass
# Use SHA-512 for stronger hashing
HTPASSWD_ALGO=sha512 htpasswd add /etc/nginx/.htpasswd secure_user StrongPass
# List all users
htpasswd list /etc/nginx/.htpasswd
# Verify a password
htpasswd verify /etc/nginx/.htpasswd admin MySecretPass
# Delete a user
htpasswd delete /etc/nginx/.htpasswd editor
Example Output
$ htpasswd create /tmp/.htpasswd admin secret123
┌──────────────────────────────────────────────────┐
│ htpasswd File Created │
├──────────────────────────────────────────────────┤
│ File: /tmp/.htpasswd │
│ User: admin │
│ Algo: apr1 │
│ Perms: 640 (owner rw, group r) │
├──────────────────────────────────────────────────┤
│ ✅ File created with 1 user │
└──────────────────────────────────────────────────┘
$ htpasswd list /tmp/.htpasswd
┌──────────────────────────────────────────────────┐
│ htpasswd Users │
├──────────────────────────────────────────────────┤
│ File: /tmp/.htpasswd │
│ Users: 2 │
├──────────────────────────────────────────────────┤
│ 1. admin [apr1 (MD5) ] │
│ 2. editor [sha512 ] │
└──────────────────────────────────────────────────┘
$ htpasswd verify /tmp/.htpasswd admin secret123
┌──────────────────────────────────────────────────┐
│ Password Verification │
├──────────────────────────────────────────────────┤
│ File: /tmp/.htpasswd │
│ User: admin │
│ Result: ✅ Password CORRECT │
└──────────────────────────────────────────────────┘
Security Notes
- Files are created with
640permissions (owner read/write, group read) - Default algorithm is
apr1(Apache MD5) — widely compatible - Use
HTPASSWD_ALGO=sha512for stronger hashing on modern systems - Usernames cannot contain
:or whitespace characters - Existing users get their password replaced when using
add
Powered by BytesAgain | bytesagain.com | hello@bytesagain.com
相关 Skills
安全专家
by alirezarezvani
覆盖威胁建模、漏洞评估、安全架构设计、代码审计与渗透测试,内置 STRIDE、OWASP、加密模式和安全扫描流程,适合系统设计评审与上线前安全排查。
✎ 安全专家把威胁建模、漏洞分析到渗透测试串成一套流程,内置 STRIDE 与 OWASP 指南,做安全设计和排查更省心。
安全运营
by alirezarezvani
覆盖应用安全、漏洞管理与合规审计,支持代码/依赖扫描、CVE 评估、Secrets 检测和安全自动化,适合做安全基线落地、漏洞响应、审计检查与安全开发治理。
✎ 应用安全、漏洞管理和合规检查一套打通,还能自动化扫描与响应,帮团队更早发现并收敛风险。
安全审计
by alirezarezvani
安装前审计 Claude Code Skill 的代码执行、Prompt 注入和依赖供应链风险,支持本地目录或 Git 仓库扫描,输出 PASS/WARN/FAIL 结论及修复建议
✎ 把代码审查、漏洞扫描和合规检查串成一条线,帮团队更早发现风险,做安全治理更省心。
相关 MCP 服务
by Sentry
搜索和分析 Sentry 错误报告,辅助调试。
✎ 把零散的 Sentry 错误报告变成可检索线索,帮你在海量报错里更快定位线上故障,排障调试明显省时。
by sinewaveai
为 AI agents 提供安全层:拦截 prompt injection、识别伪造 packages,并扫描漏洞风险。
✎ 给 AI Agent 补上关键安全层,能拦截 prompt 注入、识别伪造包并扫描漏洞风险,把防护前置更省心。
by pantheon-security
强化安全性的 NotebookLM MCP,集成 post-quantum encryption,提升数据防护能力。