SV: SV: Re: proxy_auth again... :-(

Fri, 5 Mar 1999 04:48:55 -0500 


Here is something funny going on...

If I cut & paste a password from the system passwd file to the squid 
password file then it works... So I watched if there was a difference 
between the password generated by htpassword and from the system passwd 
file. And there is a difference between them! Every password in the 
system passwd file beginns with "$1$", those generated by htpasswd does 
not.

So I cannot use htpasswd to generate the passwords for ncsa_auth but I 
do not quite understand why...

BTW, I am running FreeBSD 2.2.8. (AND if there are exceptions to the 
use of htpasswd for ncsa_auth, shouldn't that be in the FAQ?)

One last thing: if I have a scenario where I have a couple of networks 
that will access my proxy without a username/password and then if 
someone outside these networks .i.e a non-authorized site tries to 
access squid they must provide a username/password; so I finish my list 
of http_access lines with "http_access allow all passwd" instead of 
"http_access deny all", is that the way to do it?


/Per


On Thu, 4 Mar 1999 16:53:43 +0100 [EMAIL PROTECTED] wrote:

> OK, thanks! That worked! Well, almost... I get a login screen but 
even 
> if I type the right combination it does not let me in... Sigh... I've 
> used htpasswd from apache 1.3.3 to create the passwd-file...

We get ours just by extracting the first two fields of the passwd file, 
but that's the same thing, I think.

Your setting for 'authenticate_program' is something like...

  authenticate_program /opt/squid/bin/ncsa_auth /opt/squid/etc/htpasswd

Have you tested it manually?

  suws3% /opt/squid/bin/ncsa_auth /opt/squid/etc/htpasswd
  username password
  OK
  username invpass
  ERR
  unknown anything
  ERR

Give it a try... check the ncsa_auth program is running when you start 
Squid.

  - Bob


------------------------------------------------------------------------
----
  The Day Today             ... because FACT times IMPORTANCE equals 
NEWS!
------------------------------------------------------------------------
----
  Bob "Mince" Franklin ~{], CNE ;), MCSE ;)           Tel. (0118) 931 
8432
  Systems and Communications                          Fax. (0118) 975 
3094
  IT Services                                   
[EMAIL PROTECTED]
  University of Reading, U.K.          
http://www.reading.ac.uk/~suq96rcf/
------------------------------------------------------------------------
----

 <<Fil: SV_ Re_ proxy_auth again...TXT>>

Reply via email to