[HOWTO] Squid proxy authentication using ncsa_auth helper

其實都俾人ORDER 咗好耐要做的事來了. 但遲遲未做起.. 今次一次過搞好VNC & PROXY AUTHENTICATION, 心情也不錯!

Following are included by default in most squid and most Linux distros:
=> NCSA: Uses an NCSA-style username and password file.
=> LDAP: Uses the Lightweight Directory Access Protocol
=> MSNT: Uses a Windows NT authentication domain.
=> PAM: Uses the Linux Pluggable Authentication Modules scheme.
=> SMB: Uses a SMB server like Windows NT or Samba.
=> getpwam: Uses the old-fashioned Unix password file.
=> SASL: Uses SALS libraries.
=> NTLM, Negotiate and Digest authentication

Step #1: Create a username/password
htpasswd /etc/squid/passwd user1
-m Use MD5 encryption for passwords. On Windows, Netware and TPF, this is the default.

-d Use crypt() encryption for passwords. The default on all platforms but Windows, Netware and
TPF. Though possibly supported by htpasswd on all platforms, it is not supported by the httpd
server on Windows, Netware and TPF.

-s Use SHA encryption for passwords. Facilitates migration from/to Netscape servers using the
LDAP Directory Interchange Format (ldif).

-p Use plaintext passwords. Though htpasswd will support creation on all platforms, the httpd
daemon will only accept plain text passwords on Windows, Netware and TPF.

-D Delete user. If the username exists in the specified htpasswd file, it will be deleted.

Stop #2: Check the location of ncsa_auth
rpm -ql squid | grep ncsa_auth
Step # 3: Configure nsca_auth for squid proxy authentication
vi /etc/squid/squid.conf
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users

/etc/init.d/squid restart

Finial Result:

Leave a Reply


This site uses Akismet to reduce spam. Learn how your comment data is processed.