Re: [squid-users] how 2 protect squid proxy's user/pass-combo

From: Henrik Nordstrom <[email protected]>
Date: Tue, 27 Nov 2001 11:15:16 +0100

mohren wrote:

> as far as I can see from the manual & FAQ, using a squid-proxy protected
> by user/password leads to transmitting this info in the CLEAR. right?

Right. Almost in the clear anyway (trivially encoded, for transfer
reasons)

> Is there a way (SSL) to protect the usr/pass-combo?

Nope. Not unless you are running Squid as an SSL web server accelerator
for your own web servers anyway..

> Intended use: access IP-protected information (like EJournas) from outside via
> the proxy ( travelling members of the institute).

Which sounds like a quite good job for the SSL support in Squid-2.5,
allowing you to encrypt both the password and the actual content with
strong encryption...

Regards
Henrik Nordstr�m
Squid Hacker
Received on Tue Nov 27 2001 - 03:16:28 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:32 MST