Squid set username and password

Others 2021-03-29 20:39:15 views: null

Setting up Squid proxy authentication on ubutnu In order to set up Squid proxy authentication
on Ubuntu, you need to make the following adjustments to the Squid configuration file:
Generate Squid proxy authentication password
htpasswd is two tools that can be used to generate proxy user authentication passwords. Although htpasswd encrypts the password and stores the password in a promiscuous format, htdigest stores the password in plain text, so it is not secure. In this guide, we will use the htpasswd utility. htdigest
In order to use htpasswd, you need to install it. Install it: httpd/apache2-utils

sudo apt-get install apache2-utils
sudo yum install httpd-tools

After installation, run the following command to generate a password for user verification.

htpasswd -c /etc/squid/.squid_users amos
New password: 
Re-type new password: 
Adding password for user amos

This creates a password for the user amos and stores it in. /etc/squid/.squid_users

To add more users, you need to remove the option -c from the htpasswd command:

htpasswd /etc/squid/.squid_users john
New password: 
Re-type new password: 
Adding password for user john

When you check the password file, there are now two users with encrypted passwords:

less /etc/squid/.squid_users
amos:$apr1$IyfTZICg$2fPImX5o14XC2KPF1kZWv/
john:$apr1$5o0XKeto$m6c5B5KK5ZAK/7A/VIgYB/

Squid users should be able to read this file. Therefore, run the following command to set the appropriate permissions:

chown squid /etc/squid/.squid_users

Verify that the username and password are applicable to the squid proxy. For each correct entry, you should see the following display: OK

/usr/lib64/squid/basic_ncsa_auth /etc/squid/.squid_users 
amos password
OK
john password
OK

Configure Squid proxy authentication
Since everything seems to be fine, proceed to set up Squid proxy basic authentication. Open the Squid configuration file for editing and add the following lines.

auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/.squid_users
auth_param basic children 5
auth_param basic realm Proxy Authentication Required
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

acl auth_users proxy_auth amos john
http_access allow auth_users

As a brief summary of the lines mentioned above:

  • The first line tells Squid to use the helper program and look up the username and password in the file.basic_ncsa_auth/etc/squid/.squid_users
  • This line specifies the maximum number of processes to generate a Squid authenticator.auth_param basic children 5
  • auth_param basic realmSpecify the protection scope of the authentication scheme to be reported to the customer.
  • auth_param basic credentialsttl 2 hoursSpecify how long Squid assumes externally authenticated usernames: password pairs apply to
  • auth_param basic casesensitive offSpecify whether the username is sensitive to the case.
  • acl auth_users proxy_auth amos johnDefine Squid authentication ACL for users who are allowed to authenticate.
    After completing the configuration, save the file and restart Squid.
systemctl restart squid

Configure your client to use the authentication vai squid proxy server described in our previous article.

From the client side, if you try to access the Internet through a browser, you will be prompted for authentication. Please refer to the screenshot below:
Insert picture description here
When you are properly authenticated, you will be able to access the Internet on your browser.

If you try to download a file using wget, you will be prompted for authentication:

wget google.com               
--2018-12-19 00:38:21--  http://google.com/
Connecting to 192.168.43.69:3128... connected.
Proxy request sent, awaiting response... 407 Proxy Authentication Required
2018-12-19 00:38:21 ERROR 407: Proxy Authentication Required.

therefore:

wget --proxy-user=amos --proxy-password=password google.com
--2018-12-19 00:39:36--  http://google.com/
Connecting to 192.168.43.69:3128... connected.
Proxy request sent, awaiting response... 301 Moved Permanently
Location: http://www.google.com/ [following]
--2018-12-19 00:39:37--  http://www.google.com/
Reusing existing connection to 192.168.43.69:3128.
Proxy request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html.8’

index.html.8            [ <=>                ]  11.72K  --.-KB/s    in 0.1s    

2018-12-19 00:39:38 (97.6 KB/s) - ‘index.html.8’ saved [12001]

Alright, there you go. You have successfully set up Squid proxy authentication on Ubuntu with a username and password.

Guess you like

Origin blog.csdn.net/KH_FC/article/details/114531520
Recommended
"U.S. Threats and Damage to Global Cyberspace Security and Development" report released
Ranking
[DP] expected [UVA1498] Activation
What is the ABAP Dynpro program
记录一下halcon例程报错和两个视觉库感兴趣区域绘制
characterReplacement-the longest repeated character after replacement
Target element by id somewhere within an element targeted by id
Test classification
NOI 8780 interceptor missile linear dp
Equipment inspection management wants to fine, light streams Weapon children
sql packet takes the value of the most
Computer java project recommendation SSM (Spring+SpringMVC+MyBatis) takeaway ordering management system
Daily
More
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)

Code World

© 2018 codetd.com