On 9/10/2015 3:50 a.m., birbird wrote: > Hi All, > > > I have setup basic authentication for Squid, but I can not get passed from browser, just asked to inpu user/password time and time again. > > > I was stuck at, the command > /usr/lib64/squid/ncsa_auth /etc/squid/squid_passwd > dose not give any output. I think it means squid can not get the authentication info. But I have no idea what to do next. > Can you upgrade your Squid to something more current? The helper has been called basic_ncsa_auth since Squid-3.2 > > I create my password by > htpasswd -d /etc/squid/squid_passwd dan > DES encoded passwords are highly insecure. Particularly if you are trying to use more than 8 characters. Or any non-ASCII characters. Current Squid NCSA helper rejects DES passwords greater than 8 characters since Squid-3.1.15. > > I also tried -m for htpasswd, it do generate different encrypted text, but still can not be recognized by /usr/lib64/squid/ncsa_auth. > You really need a newer Squid. MD5 support was added about Squid-2.6. > > My squid config is: > > > http_access deny !Safe_ports > http_access deny CONNECT !SSL_Ports > > > auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squid_passwd > acl ncsa_users proxy_auth REQUIRED > > http_access allow ncsa_users > That looks fine. Assuming there are no http_access above it, nor other access rules using authentication. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
