如何使用基本的用户名和密码身份验证设置鱿鱼代理? [英] How to set up a squid Proxy with basic username and password authentication?
问题描述
我目前在acl中使用ip,并且我想使用用户名和密码来完成此操作.
I currently I use ip in acl, and I want to use username and password to do this.
推荐答案
这是我在 Ubuntu 14.04 上设置基本身份验证所要做的(在其他任何地方都找不到指南)
Here's what I had to do to setup basic auth on Ubuntu 14.04 (didn't find a guide anywhere else)
/etc/squid3/squid.conf
代替超级膨胀的默认配置文件
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
# Choose the port you want. Below we set it to default 3128.
http_port 3128
请注意 basic_ncsa_auth 程序,而不是旧的 ncsa_auth
Please note the basic_ncsa_auth program instead of the old ncsa_auth
对于鱿鱼2.x,您需要编辑/etc/squid/squid.conf
文件并放置:
For squid 2.x you need to edit /etc/squid/squid.conf
file and place:
auth_param basic program /usr/lib/squid/digest_pw_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
设置用户
sudo htpasswd -c /etc/squid3/passwords username_you_like
然后为所选用户名输入两次密码,然后
and enter a password twice for the chosen username then
sudo service squid3 restart
乌贼2.x
sudo htpasswd -c /etc/squid/passwords username_you_like
然后为所选用户名输入两次密码,然后
and enter a password twice for the chosen username then
sudo service squid restart
htdigest与htpasswd
对于许多问我的人:这两种工具产生不同的文件格式:
htdigest vs htpasswd
For the many people that asked me: the 2 tools produce different file formats:
-
htdigest
以纯文本格式存储密码. -
htpasswd
存储散列的密码(可用各种散列算法)
htdigest
stores the password in plain text.htpasswd
stores the password hashed (various hashing algos are available)
尽管格式basic_ncsa_auth
存在差异,但仍然可以解析使用htdigest
生成的密码文件.因此,您可以选择使用:
Despite this difference in format basic_ncsa_auth
will still be able to parse a password file generated with htdigest
. Hence you can alternatively use:
sudo htdigest -c /etc/squid3/passwords realm_you_like username_you_like
请注意,此方法是经验的,未记录的并且将来的Squid版本可能不支持.
在Ubuntu 14.04上,htdigest
和htpasswd
都在[apache2-utils][1]
软件包中提供.
On Ubuntu 14.04 htdigest
and htpasswd
are both available in the [apache2-utils][1]
package.
与上述类似,但文件路径不同.
Similar as above applies, but file paths are different.
安装鱿鱼
brew install squid
启动鱿鱼服务
brew services start squid
乌贼配置文件存储在/usr/local/etc/squid.conf
.
评论或删除以下行:
http_access allow localnet
然后类似于linux config(但具有更新的路径)添加此内容:
Then similar to linux config (but with updated paths) add this:
auth_param basic program /usr/local/Cellar/squid/4.8/libexec/basic_ncsa_auth /usr/local/etc/squid_passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
请注意,basic_ncsa_auth
的路径可能有所不同,因为使用brew
时,它取决于安装的版本,您可以使用ls /usr/local/Cellar/squid/
进行验证.另外请注意,您应该在以下部分之后添加以上内容:
Note that path to basic_ncsa_auth
may be different since it depends on installed version when using brew
, you can verify this with ls /usr/local/Cellar/squid/
. Also note that you should add the above just bellow the following section:
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
现在为您自己生成一个用户:密码基本身份验证凭据(注意:htpasswd
和htdigest
在MacOS上也都可用)
Now generate yourself a user:password basic auth credential (note: htpasswd
and htdigest
are also both available on MacOS)
htpasswd -c /usr/local/etc/squid_passwords username_you_like
重新启动鱿鱼服务
brew services restart squid
这篇关于如何使用基本的用户名和密码身份验证设置鱿鱼代理?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!