copy encrypted cpanel login credentials

craigedmonds

Well-Known Member
Oct 29, 2007
113
0
66
Europe
cPanel Access Level
Root Administrator
Twitter
I am writing a bash script in order to lock down wordpress with htpasswd method.

The script requires me to write htpasswd compatible credentials to a .htpasswd file. Currently I am putting in the username and a random password which works fine but would be easier for the end user if I could drop their cpanel login details to that file instead so they can enter in their cpanel details when they are prompted to login.

Is it possible to copy the cpanel login credentials from somewhere for a user and copy the encrypted credentials to the .htpassd file?
 

Sys Admin

Well-Known Member
Apr 29, 2007
67
0
156
cPanel Access Level
Root Administrator
I discourage doing it in this way, It's highly insecure. However, CentOS and Redhat uses MD5 encryption by default. You can double check the file at /etc/login.defs and to do it you can just code the script to extract the entries for that specific user from /etc/shadow and to put it in their own .htpasswd , Again, This is insecure and is a bad and dangerous practice.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

I have moved this thread to the "Security" forum. You should get more input about this topic here. To note, it's likely a better idea to provide the user with credentials that are different than their cPanel username/password.

Thank you.