Re: [squid-users] SQUID authentication via PAM

From: Henrik Nordstrom <>
Date: Tue, 27 Mar 2001 10:45:39 +0200

Kristina Mpoyi-Mpoyi wrote:

> Thank you for your prompt reply. I did
> chmod root:root pam_auth and it worked!!!


> I have another question.
> Now that I have authentication via pam working, I don't want the superusername
> and password in /etc/shadow used for proxy authentication.
> How can I restrict access so that "root" cannot
> be used for proxy authentication.

The best method is to use a PAM module that restricts root logins from

But you can also wrap pam_auth in a filter which denies certain
usernames from login before asking PAM..

> Is using the ACL list with an IDENT server the only way?
> Is using the IDENT server a good idea?

Not relevant to your question. IDENT is a completely different method
for the proxy to identity the user.

Henrik Nordstrom
Squid hacker
Received on Tue Mar 27 2001 - 01:54:05 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:59 MST