[squid-users] Tutorial for better authentication than basic

j m acctforjunk at yahoo.com
Mon May 1 21:04:55 UTC 2017


Wow, I didn't find that one.  Not super secure, but better than clear text and I'm not too worried about someone sniffing my packets.

      From: Eliezer Croitoru <eliezer at ngtech.co.il>
 To: 'j m' <acctforjunk at yahoo.com>; squid-users at lists.squid-cache.org 
 Sent: Monday, May 1, 2017 3:30 PM
 Subject: RE: [squid-users] Tutorial for better authentication than basic
   
And what about digest authentication?

----
http://ngtech.co.il/lmgtfy/
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il


From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of j m
Sent: Monday, May 1, 2017 4:18 PM
To: squid-users at lists.squid-cache.org
Subject: [squid-users] Tutorial for better authentication than basic

I'm using Ubuntu 16.04 Server in the home and would like to set up a proxy server for use from over the Internet.  The main purpose for this is to easily access a few web-devices on my LAN without using VPN, and at times to route web traffic from a remote location through my home ISP.  I do not need nor want any caching or filtering.

I previously used Tinyproxy and that did the job, but it had no authentication whatsoever.  I have basic authentication working on squid 3.5, where it asks for the username and password, but I believe this login is sent in clear text.  I've did some research and found squid supports various better methods, such as kerberos, ntlm, smb, etc.  However, while I'm able to install Linux and set up various things, I'm struggling with this authentication aspect.  I have a suspicion some of these methods will not work well because they rely on other services (such as SMB) and may require opening more ports on my router, something I'm not crazy about.

Amos previously suggested client cert auth, but I'm not sure how to set this up.  Are there any other secure auth methods that would work well over the Internet and are fairly simple to configure?

In any case, can anyone point me to an online tutorial somewhere (for a authentication newbie) that outlines how this is done?


   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170501/28865f0b/attachment.html>


More information about the squid-users mailing list