1) Create the password file. The name of the password file should be /etc/squid/squid_passwd, and you need to make sure that it’s universally readable.
# touch /etc/squid/squid_passwd
# chmod o+r /etc/squid/squid_passwd
2) Use the htpasswd program to add users to the password file. You can add users at anytime without having to restart Squid. In this case, you add a username called nikesh:
# htpasswd /etc/squid/squid_passwd nikeshNew
password:Re-type new password:
Adding password for user nikesh
3) Find your ncsa_auth file using the locate/find command. (different distro stores this file at different locations)
# locate ncsa_auth/usr/lib/squid/ncsa_auth
4) Edit squid.conf; specifically, you need to define the authentication program in squid.conf, which is in this case ncsa_auth. Next, create an ACL named ncsa_users with the REQUIRED keyword that forces Squid to use the NCSA auth_param method you defined previously. Finally, create an http_access entry that allows traffic that matches the ncsa_users ACL entry. Here’s a simple user authentication example; the order of the statements is important:
## Add this to the auth_param section of squid.conf
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
# Add this to the bottom of the ACL section of squid.conf
acl ncsa_users proxy_auth REQUIRED
# Add this at the top of the http_access section of squid.conf
http_access allow ncsa_users
Remember to restart Squid for the changes to take effect.
3 comments:
it get password in clear text format, and user get it easy with sanaffirs. Please guide how to encrypt it.
Thanks Nikesh! Simple, to-the-point and accurate...great post :)
Thanks!
Post a Comment