Yes, every developer is equally trusted with all the data. "Encryption" was a clerical error on my part, I meant to say authentication... As far as I can tell, we are going to have to do something besides basic authentication on our proxy server in order to make this work. Thanks to everyone for their help. -----Original Message----- From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Antony Stone Sent: Wednesday, February 03, 2016 9:44 AM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: Encrypt/Obfuscate squid.conf file On Wednesday 03 February 2016 at 14:54:42, Alleshouse, Dale (NonEmp) wrote: > Developers share a root login on these machines. So, they're all equally trusted with all your data, then. > We need to authenticate through the corporate proxy to hit the internet. > We are using squid to do this encryption. Encryption? > However, developers have to enter their personal credentials into the > squid file for this to work. Er, what? Why do the credentials go into squid.conf? > Any developer can see others network credentials by opening this file. So, use PAM / LDAP / (basically something else) to do the authentication, and then just tell Squid to allow "authenticated users". Antony. -- Ramdisk is not an installation procedure. Please reply to the list; please *don't* CC me. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.squid-2Dcache.org_listinfo_squid-2Dusers&d=BQIGaQ&c=WUZzGzAb7_N4DvMsVhUlFrsw4WYzLoMP5bgx2U7ydPE&r=NJHWY9HRoWMKBsUpjq2jkHTAObROemxXrDpnlR7eJCk&m=pqvY3jCM4bogStAHsGlG2uDtdebKsG9mngLtjSA6XMY&s=JKrN7QT5ZMmMtpm_QIIoWHQ1YhDzwBNsbSql_7Iov14&e= ________________________________ This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information that is confidential and protected by law from unauthorized disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users