digest_file_auth(8)digest_file_auth(8)NAMEdigest_file_auth - File based digest authentication helper for Squid.
Version 1.0
SYNOPSISdigest_file_auth [-c] file
DESCRIPTIONdigest_file_auth is an installed binary authentication program for
Squid. It handles digest authentication protocol and authenticates
against a text file backend.
OPTIONS-c Accept digest hashed passwords rather than plaintext in the
password file
CONFIGURATION
Username database file format:
- comment lines are possible and should start with a '#';
- empty or blank lines are possible;
- plaintext entry format is username:password
- HA1 entry format is username:realm:HA1
To build a directory integrated backend, you need to be able to calcu‐
late the HA1 returned to squid. To avoid storing a plaintext password
you can calculate MD5(username:realm:password) when the user changes
their password, and store the tuple username:realm:HA1. then find the
matching username:realm when squid asks for the HA1.
This implementation could be improved by using such a triple for the
file format. However storing such a triple does little to improve
security: If compromised the username:realm:HA1 combination is "plain‐
text equivalent" - for the purposes of digest authentication they allow
the user access. Password syncronisation is not tackled by digest -
just preventing on the wire compromise.
AUTHOR
This program was written by Robert Collins <robertc@squid-cache.org>
Based on prior work by Arjan de Vet <Arjan.deVet@adv.iae.nl>
This manual was written by Robert Collins <robertc@squid-cache.org>
Amos Jeffries <amosjeffries@squid-cache.org>
COPYRIGHT
This program and documentation is copyright to the authors named above.
Distributed under the GNU General Public License (GNU GPL) version 2 or
later (GPLv2+).
QUESTIONS
Questions on the usage of this program can be sent to the Squid Users
mailing list <squid-users@squid-cache.org>
REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-
cache.org/SquidFaq/BugReporting for details of what you need to include
with your bug report.
Report bugs or bug fixes using http://bugs.squid-cache.org/
Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org>
Report ideas for new improvements to the Squid Developers mailing list
<squid-dev@squid-cache.org>
SEE ALSOsquid(8), GPL(7),
The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
The Squid Configuration Manual http://www.squid-cache.org/Doc/config/
digest_file_auth(8)