SV: SV: Re: proxy_auth again... :-( from Per.E.Berger@dont-contact.us on 1999-03-05 (squid-users)

From: <Per.E.Berger@dont-contact.us>
Date: Fri, 5 Mar 1999 10:36:20 +0100

Here is something funny going on...

If I cut & paste a password from the system passwd file to the squid
password file then it works... So I watched if there was a difference
between the password generated by htpassword and from the system passwd
file. And there is a difference between them! Every password in the
system passwd file beginns with "$1$", those generated by htpasswd does
not.

So I cannot use htpasswd to generate the passwords for ncsa_auth but I
do not quite understand why...

BTW, I am running FreeBSD 2.2.8. (AND if there are exceptions to the
use of htpasswd for ncsa_auth, shouldn't that be in the FAQ?)

One last thing: if I have a scenario where I have a couple of networks
that will access my proxy without a username/password and then if
someone outside these networks .i.e a non-authorized site tries to
access squid they must provide a username/password; so I finish my list
of http_access lines with "http_access allow all passwd" instead of
"http_access deny all", is that the way to do it?

/Per

On Thu, 4 Mar 1999 16:53:43 +0100 Per.E.Berger@telia.se wrote:

> OK, thanks! That worked! Well, almost... I get a login screen but
even
> if I type the right combination it does not let me in... Sigh... I've
> used htpasswd from apache 1.3.3 to create the passwd-file...

We get ours just by extracting the first two fields of the passwd file,
but that's the same thing, I think.

Your setting for 'authenticate_program' is something like...

authenticate_program /opt/squid/bin/ncsa_auth /opt/squid/etc/htpasswd

Have you tested it manually?

  suws3% /opt/squid/bin/ncsa_auth /opt/squid/etc/htpasswd
  username password
  OK
  username invpass
  ERR
  unknown anything
  ERR

Give it a try... check the ncsa_auth program is running when you start
Squid.

- Bob

------------------------------------------------------------------------

----
  The Day Today             ... because FACT times IMPORTANCE equals 
NEWS!
------------------------------------------------------------------------
----
  Bob "Mince" Franklin ~{], CNE ;), MCSE ;)           Tel. (0118) 931 
8432
  Systems and Communications                          Fax. (0118) 975 
3094
  IT Services                                   
R.C.Franklin@reading.ac.uk
  University of Reading, U.K.          
http://www.reading.ac.uk/~suq96rcf/
------------------------------------------------------------------------
----
 <<Fil: SV_ Re_ proxy_auth again...TXT>>

Received on Fri Mar 05 1999 - 02:32:49 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:45:08 MST