You can configure Squid to prompt users for a username and password. Squid comes with a program called ncsa_auth that reads any NCSA-compliant encrypted password file.
1) Create the password file. The name of the password file should be /etc/squid/squid_passwd, and you need to make sure that it’s universally readable.
# touch /etc/squid/squid_passwd
# chmod o+r /etc/squid/squid_passwd
2) Use the htpasswd program to add users to the password file. You can add users at anytime without having to restart Squid. In this case, you add a username called nikesh:
# htpasswd /etc/squid/squid_passwd nikeshNew
password:Re-type new password:
Adding password for user nikesh
3) Find your ncsa_auth file using the locate/find command. (different distro stores this file at different locations)
# locate ncsa_auth/usr/lib/squid/ncsa_auth
4) Edit squid.conf; specifically, you need to define the authentication program in squid.conf, which is in this case ncsa_auth. Next, create an ACL named ncsa_users with the REQUIRED keyword that forces Squid to use the NCSA auth_param method you defined previously. Finally, create an http_access entry that allows traffic that matches the ncsa_users ACL entry. Here’s a simple user authentication example; the order of the statements is important:
## Add this to the auth_param section of squid.conf
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
# Add this to the bottom of the ACL section of squid.conf
acl ncsa_users proxy_auth REQUIRED
# Add this at the top of the http_access section of squid.conf
http_access allow ncsa_users
Remember to restart Squid for the changes to take effect.
1) Create the password file. The name of the password file should be /etc/squid/squid_passwd, and you need to make sure that it’s universally readable.
# touch /etc/squid/squid_passwd
# chmod o+r /etc/squid/squid_passwd
2) Use the htpasswd program to add users to the password file. You can add users at anytime without having to restart Squid. In this case, you add a username called nikesh:
# htpasswd /etc/squid/squid_passwd nikeshNew
password:Re-type new password:
Adding password for user nikesh
3) Find your ncsa_auth file using the locate/find command. (different distro stores this file at different locations)
# locate ncsa_auth/usr/lib/squid/ncsa_auth
4) Edit squid.conf; specifically, you need to define the authentication program in squid.conf, which is in this case ncsa_auth. Next, create an ACL named ncsa_users with the REQUIRED keyword that forces Squid to use the NCSA auth_param method you defined previously. Finally, create an http_access entry that allows traffic that matches the ncsa_users ACL entry. Here’s a simple user authentication example; the order of the statements is important:
## Add this to the auth_param section of squid.conf
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
# Add this to the bottom of the ACL section of squid.conf
acl ncsa_users proxy_auth REQUIRED
# Add this at the top of the http_access section of squid.conf
http_access allow ncsa_users
Remember to restart Squid for the changes to take effect.
Read more: http://linuxpoison.blogspot.com.br/search?q=squid#ixzz2wVrOOZ4q
Nenhum comentário:
Postar um comentário