How to map Apache 2.x htpasswd to /etc/passwd?

[mattengland]

On one of my Apache servers I want Apache-authenticated user logins and passwords to be the same as the general Linux-system (Redhat 9 or Fedora-Core2) user accounts and passwords (I'm wrapping the web login around SSL so I have few security concerns).

Is there a means to do this?

An example of a possible way:

<Location />
Require valid-user
AuthType Basic
AuthName "My site"
AuthUserFile /data/htpasswd-file-that-automatically-maps-to-etc-passwd
</Location>

I have no idea if this can happen, though, either by the above means or some other way.

In essense, I'm trying to remove one less headache in login/signon management.

Thanks for any help,
-Matt

[jasonlambert]

i dont think it's possible and proberly for good reason as apache passwords are transmitted in clear text. Having root passwords or shell logon credentials flying around in clear text is not secure.

[mattengland]

For what it's worth I'm only allowing SSL web access for the logins, thus securing/protecting (at least per my understanding) the user login/password text.

-Matt

[SilentRage]

The closest you can get is importing the usernames and hashes from the /etc/shadow file and sticking them into a .htpasswd file in the appropriate format. You'll have to be logged in as root to import those hashes.

This makes your system less secure.