Thanks Dinish I will try hehehe... On Tue, Feb 26, 2008 at 11:55 AM, Dinish Ongcol <[EMAIL PROTECTED]> wrote:
> Configure an NCSA-style username and password authentication > > I am going to assume that squid is installed and working fine. > > *Tip:* Before going further, test basic Squid functionality. Make sure > squid is functioning without requiring authorization [image: :)] > Step # 1: Create a username/password > > First create a NCSA password file using htpasswd command. htpasswd is used > to create and update the flat-files used to store usernames and password for > basic authentication of squid users. > # htpasswd /etc/squid/passwd user1 > Output: > > New password: > Re-type new password: > Adding password for user user1 > > Make sure squid can read passwd file: > # chmod o+r /etc/squid/passwd > Step # 2: Locate nsca_auth authentication helper > > Usually nsca_auth is located at /usr/lib/squid/ncsa_auth. You can find out > location using rpm (Redhat,CentOS,Fedora) or dpkg (Debian and Ubuntu) > command: > # dpkg -L squid | grep nsca_auth > Output: > > /usr/lib/squid/ncsa_auth > > If you are using RHEL/CentOS/Fedora Core or RPM based distro try: > # rpm -ql squid | grep nsca_auth > Output: > > /usr/lib/squid/ncsa_auth > > Step # 3: Configure nsca_auth for squid proxy authentication > > Now open /etc/squid/squid.conf file > # vi /etc/squid/squid.conf > Append (or modify) following configration directive: > auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd > auth_param basic children 5 > auth_param basic realm Squid proxy-caching web server > auth_param basic credentialsttl 2 hours > auth_param basic casesensitive off > > Also find out your ACL section and append/modify > acl ncsa_users proxy_auth REQUIRED > http_access allow ncsa_users > > Save and close the file. > > Where, > > - *auth_param basic program /usr/lib/squid/ncsa_auth > /etc/squid/passwd* : Specify squid password file and helper program > location > - *auth_param basic children 5* : The number of authenticator > processes to spawn. > - *auth_param basic realm Squid proxy-caching web server* : Part of > the text the user will see when prompted their username and password > - *auth_param basic credentialsttl 2 hours* : Specifies how long > squid assumes an externally validated username:password pair is valid for - > in other words how often the helper program is called for that user with > password prompt. It is set to 2 hours. > - *auth_param basic casesensitive off *: Specifies if usernames are > case sensitive. It can be on or off only > - *acl ncsa_users proxy_auth REQUIRED* : The REQURIED term means > that any authenticated user will match the ACL named ncsa_users > - *http_access allow ncsa_users* : Allow proxy access only if user > is successfully authenticated. > > Restart squid: > # /etc/init.d/squid restart > > > > Dinish M. Ongcol, ECE > Information Technology > STEAG State Power Inc. > Villanueva, Misamis Oriental > Philippines > > ----- Original Message ---- > From: Ray S. Rañoa <[EMAIL PROTECTED]> > To: [email protected] > Sent: Monday, February 25, 2008 7:29:58 PM > Subject: [klug] Ask squid authentication config > > Hello, > > Ask lang unta ko how enable authentication on squid when you open the > browser they ask username and password. for security reason. > > Salamat, > > Ray > > > -----Inline Attachment Follows----- > > _________________________________________________ > Kagay-Anon Linux Users' Group (KLUG) Mailing List > [email protected] (http://cdo.linux.org.ph) > Searchable Archives: http://archives.free.net.ph > > > ------------------------------ > Looking for last minute shopping deals? Find them fast with Yahoo! > Search.<http://us.rd.yahoo.com/evt=51734/*http://tools.search.yahoo.com/newsearch/category.php?category=shopping> > > _________________________________________________ > Kagay-Anon Linux Users' Group (KLUG) Mailing List > [email protected] (http://cdo.linux.org.ph) > Searchable Archives: http://archives.free.net.ph >
_________________________________________________ Kagay-Anon Linux Users' Group (KLUG) Mailing List [email protected] (http://cdo.linux.org.ph) Searchable Archives: http://archives.free.net.ph
