copy encrypted cpanel login credentials

craigedmonds

• October 19, 2013 11:48

I am writing a bash script in order to lock down wordpress with htpasswd method. The script requires me to write htpasswd compatible credentials to a .htpasswd file. Currently I am putting in the username and a random password which works fine but would be easier for the end user if I could drop their cpanel login details to that file instead so they can enter in their cpanel details when they are prompted to login. Is it possible to copy the cpanel login credentials from somewhere for a user and copy the encrypted credentials to the .htpassd file?

• 

  Sys Admin

  • October 19, 2013 22:24

  I discourage doing it in this way, It's highly insecure. However, CentOS and Redhat uses MD5 encryption by default. You can double check the file at /etc/login.defs and to do it you can just code the script to extract the entries for that specific user from /etc/shadow and to put it in their own .htpasswd, Again, This is insecure and is a bad and dangerous practice.

  0
• 

  cPanelMichael

  • October 21, 2013 13:31

  Hello :) I have moved this thread to the "Security" forum. You should get more input about this topic here. To note, it's likely a better idea to provide the user with credentials that are different than their cPanel username/password. Thank you.

  0

Please sign in to leave a comment.