For Red Hat-based distributions (RHEL, CentOS, Scientific Linux), the htpasswd utility is included in the httpd-tools package, not in a separate package like Ubuntu's apache2-utils. This can be confirmed with:
yum provides */htpasswd
Which should return output similar to:
httpd-tools-2.4.6-90.el7.x86_64 : Tools for use with the Apache HTTP Server
Repo : base
Matched from:
Filename : /usr/bin/htpasswd
To install the package, run:
sudo yum install httpd-tools
For newer versions using dnf:
sudo dnf install httpd-tools
After installation, you can use htpasswd to create or modify password files:
Create a new password file:
htpasswd -c /etc/httpd/.htpasswd username
Add another user to existing file (omit -c flag):
htpasswd /etc/httpd/.htpasswd anotheruser
Use bcrypt encryption (more secure than default crypt):
htpasswd -B /etc/httpd/.htpasswd secureuser
Here's a sample Apache configuration snippet for password protection:
<Directory "/var/www/protected">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
</Directory>
Verify the installation by checking the version:
htpasswd -v
Common issues and solutions:
- Permission issues: Ensure Apache can read the .htpasswd file
- Syntax errors: Validate your Apache configuration with
apachectl configtest - Encryption method conflicts: Use consistent encryption methods when adding users
For batch user creation, you can use:
htpasswd -b /path/to/file username password
To verify a password against the file:
htpasswd -v /path/to/file username
While httpd-tools is the standard method, alternatives include:
- Using OpenSSL to create passwords:
openssl passwd -apr1 - Using the Perl module (for scripting):
yum install perl-Apache-Htpasswd
For RHEL-based systems (including CentOS and Scientific Linux), the htpasswd utility comes bundled with the httpd-tools package, not apache2-utils like in Debian/Ubuntu systems. This is a common point of confusion when transitioning between Linux distributions.
# Search for the package:
yum search htpasswd
# Or for newer systems:
dnf search htpasswdExecute these commands to install the httpd-tools package:
# For yum-based systems:
sudo yum install httpd-tools
# For dnf-based systems:
sudo dnf install httpd-tools
# Verify installation:
which htpasswd
# Should return: /usr/bin/htpasswdHere are common use cases for htpasswd:
# Create new password file (-c flag creates file)
htpasswd -c /etc/httpd/.htpasswd user1
# Add additional users (omit -c flag)
htpasswd /etc/httpd/.htpasswd user2
# Using different encryption algorithms
htpasswd -bB /etc/httpd/.htpasswd user3 securepassword # bcrypt
htpasswd -bm /etc/httpd/.htpasswd user4 securepassword # MD5
htpasswd -bs /etc/httpd/.htpasswd user5 securepassword # SHA1Example configuration for password-protected directory:
<Directory "/var/www/html/protected">
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
</Directory>Batch user creation (useful for automation):
# Create users from a list
for user in admin editor viewer; do
htpasswd -b /etc/httpd/.htpasswd $user $(openssl rand -base64 12)
done
# Verify file contents
cat /etc/httpd/.htpasswdRemember to set proper permissions on the password file:
chown apache:apache /etc/httpd/.htpasswd
chmod 640 /etc/httpd/.htpasswdCommon issues and solutions:
- Command not found: Verify httpd-tools is installed
- Authentication failures: Check file permissions and SELinux context
- Password file location: Best practice is to store outside web root