digest_file_auth
NAMESYNOPSIS
DESCRIPTION
OPTIONS
CONFIGURATION
AUTHOR
COPYRIGHT
QUESTIONS
REPORTING BUGS
SEE ALSO
NAME
digest_file_auth - File based digest authentication helper for Squid.
Version 1.1
SYNOPSIS
digest_file_auth [-c] file
DESCRIPTION
digest_file_auth is an installed binary authentication program for Squid. It handles digest authentication protocol and authenticates against a text file backend. This program will automatically detect the existence of a concurrency channel-ID and adjust appropriately. It may be used with any value 0 or above for the auth_param children concurrency= parameter.
OPTIONS
|
-c |
Accept digest hashed passwords rather than plaintext in the password file |
CONFIGURATION
Username
database file format:
- comment lines are possible and should start with a
’#’;
- empty or blank lines are possible;
- plaintext entry format is username:password
- HA1 entry format is username:realm:HA1
To build a directory integrated backend, you need to be able to calculate the HA1 returned to squid. To avoid storing a plaintext password you can calculate MD5(username:realm:password) when the user changes their password, and store the tuple username:realm:HA1. then find the matching username:realm when squid asks for the HA1.
This implementation could be improved by using such a triple for the file format. However storing such a triple does little to improve security: If compromised the username:realm:HA1 combination is "plaintext equivalent" - for the purposes of digest authentication they allow the user access. Password synchronization is not tackled by digest - just preventing on the wire compromise.
AUTHOR
This program was written by Robert Collins <[email protected]>
Based on prior work by Arjan de Vet <[email protected]> This manual was written by
Robert Collins <[email protected]> Amos Jeffries <[email protected]>
COPYRIGHT
* Copyright (C)
1996-2023 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and
includes
* contributions from numerous individuals and organizations.
* Please see the COPYING and CONTRIBUTORS files for
details.
This program and documentation is copyright to the authors named above.
Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <[email protected]>
REPORTING BUGS
Bug reports need to be made in English. See https://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
Report bugs or bug fixes using https://bugs.squid-cache.org/
Report serious security bugs to Squid Bugs <[email protected]>
Report ideas for new improvements to the Squid Developers mailing list <[email protected]>
SEE ALSO
squid(8),
GPL(7),
The Squid FAQ wiki https://wiki.squid-cache.org/SquidFaq
The Squid Configuration Manual
http://www.squid-cache.org/Doc/config/
Introduction
- About Squid
- Why Squid?
- Squid Developers
- How to Donate
- How to Help Out
- Getting Squid
- Squid Source Packages
- Squid Deployment Case-Studies
- Squid Software Foundation
Documentation
- Quick Setup
- Configuration:
- FAQ and Wiki
- Guide Books:
- Non-English
- More...
Support
- Security Advisories
- Bugzilla Database
- Mailing lists
- Contacting us
- Commercial services
- Project Sponsors
- Squid-based products
Miscellaneous
- Developer Resources
- Related Writings
- Related Software:
- Squid Artwork
Web Site Translations
Mirrors
- Website:
- gr il pl ... full list
- FTP Package Archive