Re: [squid-users] user auth problem !

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sat, 20 Oct 2001 13:58:10 +0200

Are you REALLY sure you want PAM authentication?

The NCSA password files is a lot easier to configure, and generally more
secure as your proxy users do not need to have an account on the proxy
box, only to the proxy.

If you need to connect to Radius then I'd recommend to use the radius
authentication module rather than Radius via PAM, but either should work
given you configure the "squid" PAM service correctly.

Note: pam_auth does not accept ANY arguments. All configuration is done
in the PAM configuration files. The only argument the PAM authentication
module could possibly accept is the PAM service name, currently
hardcoded to "squid".

The easiest way to test an Squid authentication module setup is to run
it manually, and then type
username paswword

if everything is OK the helper will respond with OK, else with ERR.

Regarding PAM configuration for connecting to Radius: If you know how to
configure normal logins to use RADIUS via PAM then you should be able to
apply the same PAM rules to the "squid" service for Squid
authentication.

Regards
Henrik Nordström
Squid Hacker

Arindam Haldar wrote:
>
> hi all
> im new to user auth with squid.. my box is rh linux 7.1 kernel 2.4.10 &
> squid-2.4stable2..
> i have tried to use pam_auth & getpsswd_auth but have totally failed so
> far !.. i have tried the pam squid file as stated in pam_auth.c file &
> have tried various modification from /lib/secirity/ files for pam auth &
> passwd... looking at the archive i couldt find any solutions either !
>
> i need to auth my office users & provide the management with the time
> used by them on internet... am i using the right auth mo dules or should
> i try radius plugins ?
>
> pls can anyone help me...
>
> thanx in advance
> arindam haldar
Received on Sat Oct 20 2001 - 05:56:28 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:03:01 MST