centos man page for digest_file_auth

Centos Man Pages All Man Pages Latest Topics Forum Categories

Query: digest_file_auth

OS: centos

Section: 8

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

digest_file_auth(8)					      System Manager's Manual					       digest_file_auth(8)


NAME

       digest_file_auth - File based digest authentication helper for Squid.

       Version 1.0


SYNOPSIS

       digest_file_auth [-c] file


DESCRIPTION

       digest_file_auth  is  an  installed  binary  authentication  program for Squid. It handles digest authentication protocol and authenticates
       against a text file backend.


OPTIONS

       -c	   Accept digest hashed passwords rather than plaintext in the password file


CONFIGURATION

       Username database file format:

       - comment lines are possible and should start with a '#';

       - empty or blank lines are possible;

       - plaintext entry format is username:password

       - HA1 entry format is username:realm:HA1

       To build a directory integrated backend, you need to be able to calculate the HA1 returned to squid. To avoid storing a plaintext  password
       you can calculate MD5(username:realm:password) when the user changes their password, and store the tuple username:realm:HA1.  then find the
       matching username:realm when squid asks for the HA1.

       This implementation could be improved by using such a triple for the file format.  However storing such a triple  does  little  to  improve
       security:  If  compromised  the	username:realm:HA1  combination is "plaintext equivalent" - for the purposes of digest authentication they
       allow the user access. Password syncronisation is not tackled by digest - just preventing on the wire compromise.


AUTHOR

       This program was written by Robert Collins <robertc@squid-cache.org>

       Based on prior work by Arjan de Vet <Arjan.deVet@adv.iae.nl>

       This manual was written by Robert Collins <robertc@squid-cache.org> Amos Jeffries <amosjeffries@squid-cache.org>


COPYRIGHT

       This program and documentation is copyright to the authors named above.

       Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).


QUESTIONS

       Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-cache.org>


REPORTING BUGS

       Bug reports need to be made in English.	See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with
       your bug report.

       Report bugs or bug fixes using http://bugs.squid-cache.org/

       Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org>

       Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org>


SEE ALSO

       squid(8), GPL(7),
       The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
       The Squid Configuration Manual http://www.squid-cache.org/Doc/config/

															       digest_file_auth(8)
Related Man Pages
basic_ncsa_auth(8) - centos
basic_sasl_auth(8) - centos
digest_file_auth(8) - centos
ext_unix_group_acl(8) - centos
pam_auth(8) - redhat
Similar Topics in the Unix Linux Community
squid monitoring tool
Squid Cache Directory
top 10 users facebook.com
Configure squid to listen on any IP address with port 80
Change Log Path for Squid on Centos 6