I suppose that the crypt() function itself could be sensitive to the setting in /etc - but all ntop does is use the function. If that's what's going on, then maybe you changed the setting after the values were stored? That could account for the problem. Not that you're the 1st, just the 1st to CHANGE the setting without recreating ntop_pw.db...
I posted dumpgdbm a long time ago... http://article.gmane.org/gmane.linux.ntop.general/3557 -----Burton > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf > Of Jaco van Tonder > Sent: Sunday, February 08, 2004 2:26 PM > To: [EMAIL PROTECTED] > Cc: Burton M. Strauss III > Subject: Re: [Ntop-dev] [FreeBSD 5.2.1-RC] Web authentication not > working ? > > > Burton M. Strauss III wrote: > > >Nope ... ntop's passwords are completely self contained in the ntop_pw.db > >file. Simple crypt() of the value. > > > >You're right, 1admin etc. is the database key... > > > ># dumpgdbm /usr/share/ntop/ntop_pw.db > >'2resetStats': 'users=1admin' > >' 1admin': 'xxxxxxxxxxx' > >' 2showU': 'users=1admin' > >' 2shut': 'users=1admin' > >' 2chang': 'users=1admin' > >' 2deleteU': 'users=1admin' > >'2privacyFlag': 'users=1admin' > >' 2modifyU': 'users=1admin' > >Records read: 8 > > > >1s are users > >2s are url (prefix) for security. > > > >So 2shut means that any url begining shut is secured, and that > the permitted > >userid is admin. > > > >But you're seeing something totally different than I am... the > > > >URL_DEBUG: read HTTP header line: Authorization: Basic MWFkbWluOg== [33] > > > >means ntop IS receving the userid/password from the browser. > > > >Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: Retrieving '2showU' > > > >Means you're pulling it out of the database and > > > >Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: gdbm_fetch(..., > >'2showU')='users=1admin' > > > >means it did read the record fine. What was the next few > messages??? Those > >will tell you if the password check permitted or failed the test > (maybe you > >just are typing the wrong password...) > > > >-----Burton > > > > > > > > > Burton, > > Sorted. If I make crypt_default = des then it works like a charm. > > Hmm, looks like it actually has to do with setting crypt_default in > /etc/auth.conf on FreeBSD after all. I don't have > dumpgdbm to verify this, but if you look the way that the passwords > change as I change crypt_default I suspect that > I *might* be right. > > with crypt_default=des > Feb 8 22:02:45 mainframe ntop[37088]: HTTP/I18N_URL_DEBUG: Referer = > 'http://mainframe.savuti.co.za:3000/Admin.html' > Feb 8 22:02:45 mainframe ntop[37088]: URL_DEBUG: uri is > '/showURLs.html' > Feb 8 22:02:45 mainframe ntop[37088]: URL_DEBUG: Checking > password-protect for '/showURLs.html' > Feb 8 22:02:45 mainframe ntop[37088]: URL_DEBUG: Retrieving '2showU' > Feb 8 22:02:45 mainframe ntop[37088]: URL_DEBUG: gdbm_fetch(..., > '2showU')='users=1admin' > Feb 8 22:02:45 mainframe ntop[37088]: URL_DEBUG: User='admin' - > Pw='password' > Feb 8 22:02:45 mainframe ntop[37088]: URL_DEBUG: Record='1admin' = > '99ryZiYJu/1JE' > Feb 8 22:02:45 mainframe ntop[37088]: URL_DEBUG: Page: 'showURLs.html' > > The des crypt() password is much shorter than the md5 (32) or blf (??). > > Maybe you should investigate this a bit further. I can also do that, so > just let me know. > I will see if I can get dumpgdbm to actually compile on this > FreeBSD box. :P > For now I will keep the setting at des to keep stuff working this side. > > Funny things is that I seem to be the first geek actually paranoid > enough to make use of blowfish encryption on my ntop box. > Heh. *paranoia* > > Thanks for your help and pointing me in the right direction. > > Regards > Jaco > > _______________________________________________ > Ntop-dev mailing list > [EMAIL PROTECTED] > http://listgateway.unipi.it/mailman/listinfo/ntop-dev > _______________________________________________ Ntop-dev mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop-dev
