[squid-users] SQUID3 HTTPs forward proxy and sha256/512 authentication

Eliezer Croitoru eliezer at ngtech.co.il
Tue Feb 3 20:23:22 UTC 2015


On 03/02/2015 17:14, Anton Radkevich wrote:
> so just to be clear the connection flow will look like:
>
> browser <Encrypted Tunnel> Server <HTTP or HTTPS connection> Destination
>
> where <Encrypted Tunnel> is probably some form of HTTPS connection for
> support with the browser PAC

Hey Anton,

Squid do not support socks connection or any other form of encryption.
The known options to encrypt the connection between the client and the 
server are:
- ssl vpn tunnel
- ssh vpn tunnel
- some other weird and special ways

Since I am not familiar with all authentication methods I cannot answer.
On the other hand squid offers couple ways to authenticate and I am sure 
that the choice between md5 or other sha algorithm is not important if 
you are encrypting the connection between the server and the client 
using a tunnel.
If you wish to use some higher security levels you can use client side 
certificates and pin IP addresses to the certificates.

All The Bests,
Eliezer



More information about the squid-users mailing list