Squid Username/Password Configuration

Configuring password authentication for Squid, a popular open-source proxy server, involves several steps. Here’s a basic guide on how to set up username and password authentication in Squid:

  1. Create a Password File:
    Squid uses a password file to store usernames and encrypted passwords. You can use the htpasswd command to create this file. If you don’t have it installed, you can typically install it with a package manager.
   htpasswd -c /etc/squid/passwd username

This command will prompt you to enter and confirm the password for the specified username. The -c flag is used to create a new file.

  1. Configure Squid:
    Open the Squid configuration file in a text editor. This file is often located at /etc/squid/squid.conf.
   sudo nano /etc/squid/squid.conf
  1. Add ACL and Authentication Configuration:
    Add the following lines to your Squid configuration file to define an access control list (ACL) and enable basic authentication.
   auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
   auth_param basic children 5
   auth_param basic realm Squid proxy-caching web server
   auth_param basic credentialsttl 2 hours
   acl password_auth proxy_auth REQUIRED
   http_access allow password_auth

Adjust the paths and settings according to your system and security requirements.

  1. Restart Squid:
    After making changes to the Squid configuration, restart the Squid service for the changes to take effect.
   sudo service squid restart

Alternatively, use the appropriate command for your system, such as systemctl or service.

  1. Testing:
    Test the configuration by accessing the Squid proxy. You should be prompted for a username and password. Enter the credentials you created using htpasswd in step 1.

Remember to replace /etc/squid/passwd with the actual path to your password file and adjust other settings based on your specific requirements and Squid version.

Please note that basic authentication sends passwords in plain text unless used with an HTTPS connection or additional security measures. If possible, consider using more secure authentication methods or employing Squid in conjunction with other security measures, such as VPNs or IP whitelisting.

Leave a Reply

Your email address will not be published. Required fields are marked *