November 25, 2024, 07:54:22 PM

News : LinuxSolved.com Linux Help Community Forum..


Author Topic: Squid authentication using NCSA squid proxy  (Read 14023 times)

Offline lovelysandu

  • Linux Noob !
  • *
  • Posts: 8
Squid authentication using NCSA squid proxy
« on: July 23, 2004, 11:50:53 AM »
hello,
I want to use authotication for squid,
can anyone tell me how to do that.

sandesh

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Squid authentication using NCSA squid proxy
« Reply #1 on: July 23, 2004, 12:34:20 PM »
Well.. there are lots of method to do this..
I am giving you all available.. What you do .. search for all in google.com/linux  you will then find good tutorials

1. Ldap
2. NCSA
3. MSNT
4. PAM
5. SMB

So you go and read little abt each and decide which one to use.. then configure that.

Offline lovelysandu

  • Linux Noob !
  • *
  • Posts: 8
Squid authentication using NCSA squid proxy
« Reply #2 on: July 23, 2004, 03:24:41 PM »
Thanks,
I want to use NCSA or PAM authentication
can u tell me step by step configuration for that

Thanks and Regards

Sandesh

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Squid authentication using NCSA squid proxy
« Reply #3 on: July 30, 2004, 08:47:14 AM »
Ok . I am giving a brief about NCSA
First you have to compile NCSA modules. You can find that in squid package under the directory auth_modules (usually)
first do make then make install
first go to that directory then to  NCSA source and do
Code: [Select]
make
make install

It will creat ncsa_auth usually in /usr/local/squid/sbin .
Now modify your squid.conf to use ncsa_auth
Code: [Select]
#This part is to be added in squi.conf
#below we are telling which authentication module to use and which password file to use.
authenticate_program /usr/local/squid/sbin/ncsa_auth /usr/local/squid/etc/passwd

#here we will describe how long authentication is valid etc.
authenticate_ttl  900
authenticate_ip_ttl 60
acl name proxy_auth REQUIRED
http_access allow lan name
http_access deny all

Here lan is predefined acl we use for our local network so it means allow authentication over Lan.

NOw we have to make file  /usr/local/squid/etc/passwd .
we will store username and encrypted password in that using htpasswd utility came with Apache.
so to make file and also user for first time do following
Code: [Select]
htpasswd -c /usr/local/squid/etc/passwd
lovelysandu        
# then will ask for password :: so give password.
to add next user simply remove -c
Code: [Select]
htpasswd /usr/local/squid/etc/passwd
newusername and then password

Also change permission for /usr/local/squid/etc/passwd to 755 by
Code: [Select]
chmod 755 /usr/local/squid/etc/passwd
So your basic authentication using NCSA is done.. restart squid and then open some site. it will first ask for authentication..

Ok.. done...