digest_file_auth

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
CONFIGURATION
AUTHOR
COPYRIGHT
QUESTIONS
REPORTING BUGS
SEE ALSO

NAME

digest_file_auth − File based digest authentication helper for Squid.

Version 1.0

SYNOPSIS

digest_file_auth [−c] file

DESCRIPTION

digest_file_auth is an installed binary authentication program for Squid. It handles digest authentication protocol and authenticates against a text file backend.

OPTIONS

−c

Accept digest hashed passwords rather than plaintext in the password file

CONFIGURATION

Username database file format:

- comment lines are possible and should start with a ’#’;

- empty or blank lines are possible;

- plaintext entry format is username:password

- HA1 entry format is username:realm:HA1

To build a directory integrated backend, you need to be able to calculate the HA1 returned to squid. To avoid storing a plaintext password you can calculate MD5(username:realm:password) when the user changes their password, and store the tuple username:realm:HA1. then find the matching username:realm when squid asks for the HA1.

This implementation could be improved by using such a triple for the file format. However storing such a triple does little to improve security: If compromised the username:realm:HA1 combination is "plaintext equivalent" - for the purposes of digest authentication they allow the user access. Password syncronisation is not tackled by digest - just preventing on the wire compromise.

AUTHOR

This program was written by Robert Collins <[email protected]>

Based on prior work by Arjan de Vet <[email protected]>

This manual was written by Robert Collins <[email protected]> Amos Jeffries <[email protected]>

COPYRIGHT

This program and documentation is copyright to the authors named above.

Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).

QUESTIONS

Questions on the usage of this program can be sent to the Squid Users mailing list <[email protected]>

REPORTING BUGS

Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.

Report bugs or bug fixes using http://bugs.squid-cache.org/

Report serious security bugs to Squid Bugs <[email protected]>

Report ideas for new improvements to the Squid Developers mailing list <[email protected]>

SEE ALSO

squid(8), GPL(7),
The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
The Squid Configuration Manual http://www.squid-cache.org/Doc/config/


 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors