Enable User Authentication in Squid

in the same config file we have been using :

cd /etc/squid/conf.d/local.conf

auth_param basic progarm /usr/lib/suid/basic_ncsa_auth

and i am telling squid to use basic authentication, maybe you want LDAP you can do that by choosing the program for LDAP, and you can find them in /usr/lib/squid

root@ubuntu:/usr/lib/squid# ls
basic_db_auth        basic_radius_auth  ext_file_userip_acl          helper-mux                    pinger
basic_fake_auth      basic_sasl_auth    ext_kerberos_ldap_group_acl  log_db_daemon                 security_fake_certverify
basic_getpwnam_auth  basic_smb_auth     ext_ldap_group_acl           log_file_daemon               storeid_file_rewrite
basic_ldap_auth      basic_smb_auth.sh  ext_session_acl              negotiate_kerberos_auth       unlinkd
basic_ncsa_auth      cert_tool          ext_sql_session_acl          negotiate_kerberos_auth_test  url_fake_rewrite
basic_nis_auth       digest_file_auth   ext_time_quota_acl           negotiate_wrapper_auth        url_fake_rewrite.sh
basic_pam_auth       digest_ldap_auth   ext_unix_group_acl           ntlm_fake_auth
basic_pop3_auth      diskd              ext_wbinfo_group_acl         ntlm_smb_lm_auth

For the basic config program, it is common to follow up the configuration with the file storing credentials which is ‘htpasswd’

auth_param basic progarm /usr/lib/suid/basic_ncsa_auth /etc/squid/htpasswd

I also need to provide any other configuration parameter needed

auth_param basic realm proxy

Now, we just need to tell squid to use it

acl internal src 192.168.1.0/255.255.255.0
acl authenticated proxy_auth REQUIRED
http_access allow internal authenticated

Now we can create the file or let the system do that like this:

root@ubuntu:/etc/squid/conf.d# htpasswd -c /etc/squid/htpasswd ubuntu
New password:
Re-type new password:
Adding password for user ubuntu

ubuntu is the username

to add more users, use -a to append 

root@ubuntu:/etc/squid/conf.d# cat local.conf
http_port 8080
cache_dir ufs /var/spool/squid 800 16 256
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/htpasswd
auth_param basic realm proxy

acl internal src 192.168.1.0/255.255.255.0
acl authenticated proxy_auth REQUIRED

acl blocked_websites dstdomain facebook.com fb.com linux.com
http_access deny blocked_websites
http_access allow internal authenticated
PreviousSQUID PROXY SERVERNextRestricting Acess with Squid Proxy

Last updated