Re: [squid-users] Is there any way to use proxy_auth with MD5 only server?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 20 Jun 2001 08:09:38 +0200

UsersMailbox wrote:
>
> Hello!
>
> First, I want to know all ways that I can use on my server
> and system structure.
>
> My system don't have LDAP Radius and Windows domain controller.
> So, I cannot use these ways, can I?

Sure you can. This question belongs to the first decision you must make:

Where do you want the users passwords to be stored?

When you have made this decision, then worry about how to make Squid use
this password source.

> And, my server only can use MD5 crypt method and cannot use DES.
> So, I cannot user NCSA style, can I?

Well, you can use NCSA style passwords with MD5 crypt, but the helper as
distributed with the Squid sources MAY need some minor adjustments.
Depends on how your systems crypt() function operates.

Also, unless there are any legal or political reasons to why you cannot
use standard unix inverse-DES based crypt() you can always install a
free third-party crypt() implementation, even if standard UNIX crypt()
is not available on your server by default.

> Then I'm looking for any ather ways.

Squid is open for mostly any way you find suitable. All it needs is a
helper that can verify that the supplied username+password is correct.
How this is done Squid does not care about.

> Is there any way to use proxy_auth on my server?

Sure, but as said you must first decide upon where to store the users
passwords.

> Does plaintext password is available?

If you want, but no such helper is distributed with Squid. Modifying the
NCSA helper for plaintext is trivial thou. I would not recommend using
plaintext passwords however.

> Does system password file with MD5 encryption is available?

Quite likely the NCSA helper will understand MD5 encryption if your
systems crypt() funciton does.

--
Henrik Nordstrom
Squid Hacker
Received on Wed Jun 20 2001 - 00:34:32 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:48 MST