I have decided that I need squid to authenticate before users can use it. I have read page 435 in then manual (suse 8.2) and it refers to authenticate_program/usr/sbin/pam_auth but that doesn't appear to exist in squid.conf it suggests using acl password proxy_auth REQUIRED (now there is a proxu_auth section in squid conf - is that the option I require?) However using this line gives an error as it appears not to recognise it as "no authenication schemes are fully configured" can anyone point me in the right direction - or tell me exactly what to uncomment or add in squid.conf Many thanks. -- Alan Davies Head of Computing Birkenhead School
--- Alan Davies
I have decided that I need squid to authenticate before users can use it.
I have read page 435 in then manual (suse 8.2) and it refers to authenticate_program/usr/sbin/pam_auth but that doesn't appear to exist in squid.conf
That is only used if the server is authenticating
it suggests using acl password proxy_auth REQUIRED
(now there is a proxu_auth section in squid conf - is that the option I require?)
However using this line gives an error as it appears not to recognise it as "no authenication schemes are fully configured"
can anyone point me in the right direction - or tell me exactly what to uncomment or add in squid.conf
Well, Alan, I would be inclined to have "inetd" running, and have an ACL in squid that has a list of users who are banned. If one of those users from that lists attempts to make a request, then shunt them to a 404 page or whatever. If you need instructions on how to do that, let me know. Kind Regards, -- Thomas Adam ===== Thomas Adam "The Linux Weekend Mechanic" -- www.linuxgazette.com __________________________________________________ Yahoo! Plus - For a better Internet experience http://uk.promotions.yahoo.com/yplus/yoffer.html
opps yer beat me do it! :)
--- Thomas Adam
wrote: I have decided that I need squid to authenticate before users can use it.
I have read page 435 in then manual (suse 8.2) and it refers to authenticate_program/usr/sbin/pam_auth but that doesn't appear to exist in squid.conf
That is only used if the server is authenticating
it suggests using acl password proxy_auth REQUIRED
(now there is a proxu_auth section in squid conf - is that the option I require?)
However using this line gives an error as it appears not to recognise it as "no authenication schemes are fully configured"
can anyone point me in the right direction - or tell me exactly what to uncomment or add in squid.conf
Well, Alan, I would be inclined to have "inetd" running, and have an ACL in squid that has a list of users who are banned. If one of those users from that lists attempts to make a request, then shunt them to a 404 page or whatever.
If you need instructions on how to do that, let me know.
Kind Regards,
-- Thomas Adam
===== Thomas Adam
"The Linux Weekend Mechanic" -- www.linuxgazette.com
__________________________________________________ Yahoo! Plus - For a better Internet experience http://uk.promotions.yahoo.com/yplus/yoffer.html
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
__________________________________________________ Yahoo! Plus - For a better Internet experience http://uk.promotions.yahoo.com/yplus/yoffer.html
--- Steve Palmer
opps yer beat me do it! :)
Yep, I guess I did :) I had wondered why you were re-iterating my suggestion. Ya can't have *all* the fame you know :) :) Still, great minds think a like, eh? :) No Worries, Steve, -- Thomas ------------------------------------------------------
--- Thomas Adam
wrote: > --- Alan Davies
wrote: I have decided that I need squid to authenticate before users can use it.
I have read page 435 in then manual (suse 8.2) and it refers to authenticate_program/usr/sbin/pam_auth but that doesn't appear to exist in squid.conf
That is only used if the server is authenticating
it suggests using acl password proxy_auth REQUIRED
(now there is a proxu_auth section in squid conf - is that the option I require?)
However using this line gives an error as it appears not to recognise it as "no authenication schemes are fully configured"
can anyone point me in the right direction - or tell me exactly what to uncomment or add in squid.conf
Well, Alan, I would be inclined to have "inetd" running, and have an ACL in squid that has a list of users who are banned. If one of those users from that lists attempts to make a request, then shunt them to a 404 page or whatever.
If you need instructions on how to do that, let me know.
Kind Regards,
-- Thomas Adam
===== Thomas Adam
"The Linux Weekend Mechanic" -- www.linuxgazette.com
__________________________________________________ Yahoo! Plus - For a better Internet experience http://uk.promotions.yahoo.com/yplus/yoffer.html
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
__________________________________________________ Yahoo! Plus - For a better Internet experience http://uk.promotions.yahoo.com/yplus/yoffer.html
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
===== Thomas Adam "The Linux Weekend Mechanic" -- www.linuxgazette.com __________________________________________________ Yahoo! Plus - For a better Internet experience http://uk.promotions.yahoo.com/yplus/yoffer.html
How about utilising Ident instead? it'll log
individual users activity instead without their
interaction & will make them less likely to use
someone elses account to do their illicit activities
as they have no knowledge of your logging! ;)
You can then revoke naughty users from the internet
with an 'acl naughtyX ident joebloggs' rule and then
an http_access rule on that to allow or deny them.
--- Alan Davies
before users can use it.
I have read page 435 in then manual (suse 8.2) and it refers to authenticate_program/usr/sbin/pam_auth but that doesn't appear to exist in squid.conf
it suggests using acl password proxy_auth REQUIRED
(now there is a proxu_auth section in squid conf - is that the option I require?)
However using this line gives an error as it appears not to recognise it as "no authenication schemes are fully configured"
can anyone point me in the right direction - or tell me exactly what to uncomment or add in squid.conf
Many thanks.
-- Alan Davies Head of Computing Birkenhead School
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
__________________________________________________ Yahoo! Plus - For a better Internet experience http://uk.promotions.yahoo.com/yplus/yoffer.html
participants (3)
-
Alan Davies
-
Steve Palmer
-
Thomas Adam