[squid-users] SQUID3 HTTPs forward proxy and sha256/512 authentication

Yuri Voinov yvoinov at gmail.com
Tue Feb 3 21:12:46 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Sure. :)

This way:

http://yvoinov.blogspot.com/2014/08/squid-tor-privoxy-transparent-dns.html
http://yvoinov.blogspot.com/2014/08/squid-tor-privoxy-transparent-dns_19.html

:)

04.02.2015 2:44, Anton Radkevich пишет:
>
> Yuri,
>
> Can you please share any configuration examples? ;)
>
> 03 февр. 2015 г. 23:27 пользователь "Yuri Voinov" <yvoinov at gmail.com
<mailto:yvoinov at gmail.com>> написал:
>
>
> Eliezer,
>
> Squid can be cascaded with Privoxy+Tor. :)
>
> And then - we can route users into it using ACL's.... ;)
>
> Yep, not Squid itself. But with external services......... ;)
>
> 04.02.2015 2:23, Eliezer Croitoru пишет:
> > On 03/02/2015 17:14, Anton Radkevich wrote:
> >> so just to be clear the connection flow will look like:
> >>
> >> browser <Encrypted Tunnel> Server <HTTP or HTTPS connection>
Destination
> >>
> >> where <Encrypted Tunnel> is probably some form of HTTPS connection for
> >> support with the browser PAC
>
> > Hey Anton,
>
> > Squid do not support socks connection or any other form of encryption.
> > The known options to encrypt the connection between the client and the
> server are:
> > - ssl vpn tunnel
> > - ssh vpn tunnel
> > - some other weird and special ways
>
> > Since I am not familiar with all authentication methods I cannot answer.
> > On the other hand squid offers couple ways to authenticate and I am
> sure that the choice between md5 or other sha algorithm is not important
> if you are encrypting the connection between the server and the client
> using a tunnel.
> > If you wish to use some higher security levels you can use client side
> certificates and pin IP addresses to the certificates.
>
> > All The Bests,
> > Eliezer
>
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
<mailto:squid-users at lists.squid-cache.org>
> > http://lists.squid-cache.org/listinfo/squid-users
>
>
>     _______________________________________________
>     squid-users mailing list
>     squid-users at lists.squid-cache.org
<mailto:squid-users at lists.squid-cache.org>
>     http://lists.squid-cache.org/listinfo/squid-users
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBAgAGBQJU0TnOAAoJENNXIZxhPexG0KoH/0oD2VHwxS0YrE9tb/lohY7h
1sTo6/j9iKuPY97wDjNxGKl3wcmHmNF0QTGK5z60i9oj2FmjE4wXCNv2MehNjlIc
gZc+RlQlTdFEzKk2wQAWgflNg5YWw8Q2y59ApF/nhj2rQVdA1J+pVSkY8cnRSDq+
zjua8ks98+8qJEGDdgCBXeTtTYyfr0L9T7tPIHi7AZdDUMWu26+mY+F7pQVB03sE
r2ebSXlzhUXW6lNmIOGufQdUin1unTSSyoHVpEHrXNaYZIEB8EUjrFsME9W4E7M5
wALBLprKU6ZbfMljuTnG44LfXHYMuKnSLwyKQ0nB020KAdNh3CVNpgDbYR8lEp4=
=tvcQ
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150204/2bf9ee18/attachment-0001.html>


More information about the squid-users mailing list