[squid-users] Is ntlm_fake_auth known to work?

Amos Jeffries squid3 at treenet.co.nz
Thu Nov 5 03:18:55 UTC 2015

On 5/11/2015 11:21 a.m., Edouard Gaulué wrote:
> Dear community,
> ntlm_fake_auth looks to be the authentication helper I'm looking for,
> but trying to set it as mentionned here doesn't work:
>  * http://wiki.squid-cache.org/ConfigExamples/Authenticate/LoggingOnly
>  *
> http://dsysadm.blogspot.fr/2012/03/my-book-live-with-squid-and-fakeauth.html
> Last information found is there :
> http://www.squid-cache.org/mail-archive/squid-users/201310/0087.html
> Browser keeps asking for credentials. Is this a configuration matter or
> could it be deeper?

Depends on what Squid version you are using. It was broken for a few
years. We fixed that issue a few months back and it was apparently
working now. that Good news is you can grab the latest Squid code (v4 or
3.5), build it and use the helper generated on older Squid installations
if you need to use old Squid for some reason.

It also depends on what software you are trying to authenticate. NTLM
was deprecated in 2006 by MS and they started disabling it by default in
software since 2006, and fully removed it from some products around 2010

It also depends what security level you have your NTLM set to. Use with
NLMv2-only clients may vary. It will definitely not work with NTLMv2
with security extensions.


More information about the squid-users mailing list