Set Basic Auth
2015/05/17 |
Set Basic Authentication and limit squid for users to require authentication.
|
|
[1] | Install a package which includes htpasswd. |
root@prox:~# aptitude -y install apache2-utils
|
[2] | Configure Squid to set Basic Auth. |
root@prox:~#
vi /etc/squid3/squid.conf
acl CONNECT method CONNECT
# line 1056: add follows for Basic Auth
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/.htpasswd
auth_param basic children 5 auth_param basic realm Squid Basic Authentication auth_param basic credentialsttl 5 hours acl password proxy_auth REQUIRED http_access allow password # add a user : create a new file with "-c" ( add the "-c" option only for the initial registration ) root@prox:~# htpasswd -c /etc/squid3/.htpasswd debian New password: # set password Re-type new password: # confirm Adding password for user debian systemctl restart squid3
|
Proxy Client : Debian
|
[3] | Configure Debian Proxy Client for Basic Auth. |
root@client:~#
vi /etc/profile # add follows to the end # username:password@proxyserver:port MY_PROXY_URL="http://debian:password@prox.srv.world:3128/"
HTTP_PROXY=$MY_PROXY_URL
HTTPS_PROXY=$MY_PROXY_URL FTP_PROXY=$MY_PROXY_URL http_proxy=$MY_PROXY_URL https_proxy=$MY_PROXY_URL ftp_proxy=$MY_PROXY_URL
export HTTP_PROXY HTTPS_PROXY FTP_PROXY http_proxy https_proxy ftp_proxy
root@client:~#
source /etc/profile
# it's OK all, but it's possible to set proxy settings for each application like follows. # for apt
root@client:~#
vi /etc/apt/apt.conf # create new Acquire::http::proxy "http://debian:password@prox.srv.world:3128/"; Acquire::https::proxy "https://debian:password@prox.srv.world:3128/"; Acquire::ftp::proxy "ftp://debian:password@prox.srv.world:3128/"; # for wget
root@client:~#
vi /etc/wgetrc # add follows to the end http_proxy = http://prox.srv.world:3128/ https_proxy = http://prox.srv.world:3128/ ftp_proxy = http://prox.srv.world:3128/ proxy_user = debian proxy_passwd = password |
Proxy Client : Windows
|
[4] | For Windows Clients, none of specific settings, but when access to a web, proxy server requires authentication like follows, then input username and password. |