401 Unauthorized has two authentication methods; one is through ssh access to fd.o shell accounts (e.g. git+ssh:// ), the other is over HTTPS (e.g. ).

To avoid problems with spammers, the htpasswd entries associated with HTTPS authentication involve manual administration.

If you have a shell account, you can add or update any htpasswd entry: ssh wikipasswd INSERT_DESIRED_USERNAME_HERE. Use your powers wisely; everything is logged under version control.

If you don't have a shell account, you should find a way to generate a hash and safely send it to the sitewranglers with a clearsigned signature that can be gpg --verifyed.


(Note if you customize the hash mechanism: we are currently using Apache 2.2 and thus do not yet support bcrypt hashes.)


  • gpg --clearsign
  • enter GPG passphrase
  • paste htpasswd entry
  • EOF with ctrl-d


  • If you do not have an existing shell account, send your signed hash to


  • With a root account on annarchy, append or replace the user's htpasswd entry in /etc/apache2/userdb.basic