basic_ncsa_auth(8) [centos man page]
basic_ncsa_auth(8) System Manager's Manual basic_ncsa_auth(8) NAME
basic_ncsa_auth - NCSA httpd-style password file authentication helper for Squid SYNOPSIS
basic_ncsa_auth passwd file DESCRIPTION
basic_ncsa_auth allows Squid to read and authenticate user and password information from an NCSA/Apache httpd-style password file when using basic HTTP authentication. This password file can be manipulated using htpasswd. This authenticator accepts: * Blowfish - for passwords 72 characters or less in length * SHA256 - with salting and magic strings * SHA512 - with salting and magic strings * MD5 - with optional salt and magic strings * DES - for passwords 8 characters or less in length NOTE: Blowfish and SHA algorithms require system-specific support. OPTIONS
The only parameter is the password file. It must have permissions to be read by the user that Squid is running as. CONFIGURATION
basic_ncsa_auth /etc/squid/squid.pass basic_ncsa_auth must have access to the password file to be executed. KNOWN ISSUES
DES functionality (used by htpasswd by default) silently truncates passwords to 8 characters. Allowing login with password values shorter than the one desired. This authenticator will reject login with long passwords when using DES. AUTHOR
This manual was written by Amos Jeffries <amosjeffries@squid-cache.org> Based on original documentation by Rodrigo Rubira Branco <rrbranco@br.ibm.com> COPYRIGHT
This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this file; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-cache.org> REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report. Report bugs or bug fixes using http://bugs.squid-cache.org/ Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org> Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org> SEE ALSO
squid(8), htpasswd(1), GPL(7), The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq The Squid Configuration Manual http://www.squid-cache.org/Doc/config/ May 16, 2006 basic_ncsa_auth(8)
Check Out this Related Man Page
basic_radius_auth(8) System Manager's Manual basic_radius_auth(8) NAME
basic_radius_auth - Squid RADIUS authentication helper SYNOPSIS
basic_radius_auth -f config file basic_radius_auth -h server name port ] [-i identifier ] -w secret [-t timeout ] DESCRIPTION
basic_radius_auth allows Squid to connect to a RADIUS server to validate the user name and password of Basic HTTP authentication. OPTIONS
-f configfile Specifies the path to a configuration file. See the CONFIGURATION section for details on the file content. -h server Alternative method of specifying the server to connect to -p port Specify another server port where the RADIUS server listens for requests if different from the default RADIUS port. Normally not specified. -i identifier Unique identifier identifying this Squid proxy to the RADIUS server. If not specified the IP address is used to identify the proxy. -w secret Alternative method of specifying the shared secret. Using the -f option with a configuration file is generally more secure and recommended. -t timeout RADIUS request timeout. Default is 10 seconds. CONFIGURATION
The configuration specifies how the helper connects to RADIUS. The file contains a list of directives (one per line). Lines beginning with a # are ignored. server radiusserver specifies the name or address of the RADIUS server to connect to. secret somesecretstring specifies the shared RADIUS secret. identifier nameofserver specifies what name the proxy should use to identify itself to the RADIUS server. This directive is optional. port portnumber Specifies the port number or service name where the helper should connect. timeout seconds Specifies the RADIUS request timeout. AUTHOR
This program is written by Marc van Selm <selm@cistron.nl> Henrik Nordstrom <hno@squid-cache.org> With contributions from many others. This manual was written by Henrik Nordstrom <hno@squid-cache.org> COPYRIGHT
This program and documentation is copyright to the authors named above. Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+). QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-cache.org> Or contact your favorite RADIUS list/friend if the question is more related to RADIUS than Squid. REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report. Report bugs or bug fixes using http://bugs.squid-cache.org/ Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org> Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org> SEE ALSO
squid(8), GPL(7), RFC2058 - Remote Authentication Dial In User Service (RADIUS) The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq The Squid Configuration Manual http://www.squid-cache.org/Doc/config/ 7 August 2004 basic_radius_auth(8)