Basic HTTP authentication uses base64 encoded plain text. See RFC2617
for a full description of the Basic HTTP authentication scheme.
For increased security on the wire you can consider using digest
authentication (Squid-2.5 required). However, this cannot integrate with
any existing password databases, and requires a separate password file
to be kept on the proxy.
In future, please use the squid-users mailinglist for Squid usage and
configuration questions.
Regards
Henrik
m�n 2003-03-31 klockan 18.36 skrev Tulio Llosa:
> Hello-
> I have squid2.4.STABLE-4 installed and working. I am using pam for squid
> authentication.
>
> authenticate_program /usr/lib/squid/pam_auth
> acl password proxy_auth REQUIRED
>
> The whole thing is working very well. The only concern I have is
> security. I try to sniff the traffic and could not find the clear text
> password that was used during authentication.
> How does squid do that. Does is it use a hash or cleartext?
> How secure is this setup? Is there anything I can do to make it more
> secure.
>
> Thanks in advance.
>
> =====
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
> http://platinum.yahoo.com
-- Henrik Nordstrom <hno@squid-cache.org> MARA Systems AB, SwedenReceived on Mon Mar 31 2003 - 10:43:06 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:27 MST