Password protected Clutch
Some may find the need to manage or control their transmission downloads from the Internet and yet wish to restrict the Clutch web user interface to a handful of authenticated users. This section will guide you through the process of securing your Clutch interface with username and password.
Before you continue, you should have already set up transmission for your DNS-313 or DNS-323 as well as the Clutch web user interface.
Constructing the password generator
Create a htdigest.sh file at /mnt/HD_a2/ with the following content. Simply type vi /mnt/HD_a2/htdigest.sh, press i and paste the following text in.
1 2 3 4 5 6 7 8 | #!/bin/sh user=$1 realm=$2 pass=$3 hash=`echo -n “$user:$realm:$pass” | md5sum | cut -b -32` echo “$user:$realm:$hash” |
After pasting in the above text, press <Esc>, then followed by :wq and Enter to save the file.
If you did it correctly, you should end up with a htdigest.sh file at /mnt/HD_a2/.
Generating hash information for username and password
In this case, we will be generating the necessary information for the username “clutch” with password “password” in the realm “Password Protected Area”. Generate the hash information by using the following command.
/ # sh /mnt/HD_a2/htdigest.sh ‘clutch’ ‘Password Protected Area’ ‘password’
clutch:Password Protected Area:98616824633db75cb8d3a63d5c0658cb
Storing the generated hash information
We will store the generated hash information at /ffp/etc/lighttpdpassword
/ # echo “clutch:Password Protected Area:98616824633db75cb8d3a63d5c0658cb” >> /ffp/etc/lighttpdpassword
Turning on authentication on your lighttpd
Enable mod_auth in the server.modules chunk by removing the # at the start of the line.
1 2 3 | # "mod_trigger_b4_dl", "mod_auth", # "mod_status", |
After the section on server.modules, add the following text:
1 2 3 4 5 6 7 8 9 10 11 | auth.debug = 2 auth.backend = “htdigest” auth.backend.htdigest.userfile = “/ffp/etc/lighttpdpassword” auth.require = ( “/clutch/” => ( “method” => “digest”, “realm” => “Password Protected Area”, “require” => “user=clutch” ) ) |
Save the file.
Testing your work
Restart your lighttpd so that your new settings could be applied.
/ # sh /ffp/start/lighttpd.sh restart
Stopping lighttpd
Starting /ffp/sbin/lighttpd -f /ffp/etc/lighttpd.conf
/ #
Surf to http://<NAS’s ip>:8080/clutch/ and it should prompt your for your username and password.
Extra Information
Adding additional users
We can easily add another user “clutch2” with password “password2” in the same realm “Password Protected Area” by generating the hash information and adding to “/ffp/etc/lighttpdpassword”. You would need to reflect this addition by modifying the lighttpd configuration file (/ffp/etc/lighttpd.conf).
1 2 3 4 5 6 7 | auth.require = ( “/clutch/” => ( “method” => “digest”, “realm” => “Password Protected Area”, “require” => “user=clutch<strong>|user=clutch2</strong>” ) ) |
Restart your lighttpd for it to recognize the new configuration with the following command
/ # sh /ffp/start/lighttpd.sh restart
You can add more users by repeating the process.