apache 你如何htdigest 400个用户帐户?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/645659/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do you htdigest 400 user accounts?
提问by zeroin23
How do you generate user accounts for 400 users to do a load testing?
您如何为 400 个用户生成用户帐户来进行负载测试?
Htdigest forces you to type in a password each time, I have tried dos pipes like
Htdigest 强制您每次都输入密码,我尝试过类似的 dos 管道
echo password > htdigest -c realm username%1
htdigest -c realm username%1 < password.txt
but it is not working...
但它不起作用......
回答by X-Istence
You can also check out the python script that trac distributes on their website for htdigest passwords, you can then automate it:
您还可以查看 trac 在其网站上分发的 python 脚本以获取 htdigest 密码,然后您可以将其自动化:
Generating htdigest passwords without Apache
They also suggest something along these lines will work:
他们还建议按照以下方式行事:
It is possible to use md5sum utility to generate digest-password file using such method:
可以使用 md5sum 实用程序使用以下方法生成摘要密码文件:
$ printf "${user}:trac:${password}" | md5sum - >>user.htdigest
and manually delete " -" from the end and add "${user}:trac:" to the start of line from 'to-file'.
并从末尾手动删除“-”并将“${user}:trac:”添加到“to-file”行的开头。
I have tested this on FreeBSD, not sure if this will work on Linux or Windows, so you may need to modify it a little:
我已经在 FreeBSD 上测试过了,不确定这是否适用于 Linux 或 Windows,所以你可能需要稍微修改一下:
(echo -n "user:realm:" && echo -n "user:realm:testing" | md5) > outfile
outfile contains:
输出文件包含:
user:realm:84af20dd88a2456d3bf6431fe8a59d16
Same thing with htdigest:
与 htdigest 相同的事情:
htdigest -c outfile2 realm user
output in outfile2
outfile2 中的输出
user:realm:84af20dd88a2456d3bf6431fe8a59d16
They are both the same, thereby proving correctness of the command line implementation!
它们都是相同的,从而证明命令行实现的正确性!
回答by Douglas Leeder
(Aside: On unix/linux the first one should be:
(旁白:在 unix/linux 上,第一个应该是:
echo password | htdigest -c realm username
)
)
As htdigest doesn't have any nice way to pass the password in, I would use expectto automate the process.
由于 htdigest 没有任何好的方式来传递密码,我会用它expect来自动化这个过程。
An example from http://www.seanodonnell.com/code/?id=21:
来自 http://www.seanodonnell.com/code/?id=21 的示例:
#!/usr/bin/expect
#########################################
#$ file: htpasswd.sh
#$ desc: Automated htpasswd shell script
#########################################
#$
#$ usage example:
#$
#$ ./htpasswd.sh passwdpath username userpass
#$
######################################
set htpasswdpath [lindex $argv 0]
set username [lindex $argv 1]
set userpass [lindex $argv 2]
# spawn the htpasswd command process
spawn htpasswd $htpasswdpath $username
# Automate the 'New password' Procedure
expect "New password:"
send "$userpass\r"
expect "Re-type new password:"
send "$userpass\r"
It's left as an exercise to the user to convert this for Windows if required.
如果需要,可以将其转换为 Windows 的练习留给用户。
回答by Douglas Leeder
Here is a script that will read in a list of user names, generate a random password for each, and output them to both an htdigest file, and a plain text file. It has been tested on Linux, but may need to be modified for other systems. In particular, md5summay be md5, and headdoes always accept the -cflag.
这是一个脚本,它将读入用户名列表,为每个用户名生成一个随机密码,并将它们输出到 htdigest 文件和纯文本文件。它已经在 Linux 上进行了测试,但可能需要针对其他系统进行修改。特别是,md5sum可能是md5,并且head确实总是接受-c标志。
#!/bin/bash
# auth realm for digest auth
AUTH_REALM=MyRealm
# file locations
# a file containing a list of user names,
# one name per line, e.g.,
# $ cat users.txt
# joe
# curly
# larry
USER_FILE=users.txt
# htdigest file, needs to exist
HTDIGEST_FILE=passwd.htdigest
# insecure password file
PASSWD_FILE=passwd.txt
# read the names from the user file
while read username
do
# generate a pseudo-random password
rand_pw=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8`
# hash the username, realm, and password
htdigest_hash=`printf $username:$AUTH_REALM:$rand_pw | md5sum -`
# build an htdigest appropriate line, and tack it onto the file
echo "$username:$AUTH_REALM:${htdigest_hash:0:32}" >> $HTDIGEST_FILE
# put the username and password in plain text
# clearly, this is terribly insecure, but good for
# testing and importing
echo "$username:$rand_pw" >> $PASSWD_FILE
done < $USER_FILE
This is what the input and results look like, first the user names file:
这是输入和结果的样子,首先是用户名文件:
$ cat users.txt
joe
curly
larry
Running the script:
运行脚本:
$ ./load_users.bash
The resulting htdigest file:
生成的 htdigest 文件:
$ cat passwd.htdigest
joe:MyRealm:2603a6c581f336f2874dbdd253aee780
curly:MyRealm:fd3f9d87bba654439d5ba1f32c0286a8
larry:MyRealm:c1c3c0dc50a9b97e9f7ee582e3fce892
And the plain text file:
和纯文本文件:
$ cat passwd.txt
joe:aLnqnrv0
curly:3xWxHKmv
larry:7v7m6mXY
