[squid-users] One Time Password with squid, exists?

Eliezer Croitoru eliezer at ngtech.co.il
Thu Mar 12 01:50:32 UTC 2015


Hey List,

I was wondering about if OTP was ever implemented officially with squid?
I have seen that most OTP works with some kind of third party system 
such as a radius server.

I had in mind a simple setup with a mysql backend and a php\cgi\other 
frontend that will create a one time password for the user which will be 
valid for some period of time\window.

The options for authentication are:
- basic (via db)
- digest

For me the most simple setup with a basic authentication would be the 
most simple to implement but digest I cannot yet understand so I cannot 
really create a fully blown system for that.

If the list users can help me to compose the sketch for the idea I will 
might be able to implement a basic OTP idea with a mysql DB.

What one time password authentication should contain?
How long should a password be usable?
What would invalidate the password?
How many wrong passwords should be considered a cracking trial?

If you have more ideas about the subject I would be happy to see them here.

Thanks In Advance,
Eliezer Croitoru


More information about the squid-users mailing list