There's two things going on here.
First, your manual hash is using a different algorithm than htpasswd
. The -s
flag causes htpasswd
to use SHA1, not SHA256. Use sha1sum
instead of sha256sum
.
Second, the encoding of the hashes are different. Your manual hash is Hex encoded, the htpasswd
hash is Base64 encoded. The htpasswd
hash will decode, it just decodes to binary. If you try to print this binary it will look like =¥AU™¨Â@+ºPöÆ'f
(depending on what character encoding you're using), and that may be why you believe it's not decoding.
If you convert the Base64 directly to Hex (you can use an online tool like this one), you'll find that sha1sum
will generate the same hash.
My friend explained that piping "asdf" to sha256sum is showing the checksum, which is not the actual hash itself.
Your friend is incorrect. You're seeing the Hex encoding of the hash. But the piping does affect the hash that's generated, it adds a newline character, so what you're actually hashing is asdf\n
. Use this command instead:
echo -n "asdf" | sha1sum