[squid-users] PAM/Radius authentication question with Squid.3.1.10

Pugal Scout pugalscout at gmail.com
Mon Jun 8 15:53:01 UTC 2015


Thank you Amos. That is helpful, user groups seems to be a good option. I
will try that.

-JP

On Mon, Jun 8, 2015 at 12:43 AM, Amos Jeffries <squid3 at treenet.co.nz> wrote:

> On 6/06/2015 7:09 p.m., Pugal Scout wrote:
> > Hi,
> >
> > Apologies if this question has been asked earlier. Is it possible to
> setup
> > squid authentication as below:
> > Use /etc/passwd for user account verification and radius for password?
>
> The provided auth helpers for Squid can check against *one* backend type
> for each auth scheme. Anything more compicated requires a custom written
> auth helper. Although technically some of the helpers can auto-detect or
> be configured for multiple backends of the same type.
>
> >
> > I have verified radius authentication is successful on the squid server.
> > auth_param basic program /usr/lib64/squid/squid_radius_auth -f
> > /etc/radius_config
> >
> > The radius database contains lot more users then I want to let them in. I
> > only want to allow users who have local accounts on the squid server in
> > /etc/passwd and radius for password verification?
>
> The usual way to do this is by using "groups" of users, one group having
> access permission to use the proxy.
>
> See the external ACL helpers for options about looking up user group(s).
>
> Amos
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150608/506e916b/attachment.html>


More information about the squid-users mailing list