Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
digest_file_auth(8)	    System Manager's Manual	   digest_file_auth(8)

NAME
       digest_file_auth	- File based digest authentication helper for Squid.

       Version 1.1

SYNOPSIS
       digest_file_auth	[-c] file

DESCRIPTION
       digest_file_auth	 is  an	 installed  binary  authentication program for
       Squid. It handles  digest  authentication  protocol  and	 authenticates
       against	a  text	 file backend.	This program will automatically	detect
       the existence of	a concurrency channel-ID and adjust appropriately.  It
       may be used with	any value 0 or above for the auth_param	children  con-
       currency= parameter.

OPTIONS
       -c	   Accept digest hashed	passwords rather than plaintext	in the
		   password file

CONFIGURATION
       Username	database file format:

       - comment lines are possible and	should start with a '#';

       - empty or blank	lines are possible;

       - plaintext entry format	is username:password

       - HA1 entry format is username:realm:HA1

       To  build a directory integrated	backend, you need to be	able to	calcu-
       late the	HA1 returned to	squid. To avoid	storing	a  plaintext  password
       you  can	 calculate  MD5(username:realm:password) when the user changes
       their password, and store the tuple username:realm:HA1.	then find  the
       matching	username:realm when squid asks for the HA1.

       This  implementation  could  be improved	by using such a	triple for the
       file format.  However storing such a triple does	little to improve  se-
       curity: If compromised the username:realm:HA1 combination is "plaintext
       equivalent"  - for the purposes of digest authentication	they allow the
       user access. Password synchronization is	not tackled by digest  -  just
       preventing on the wire compromise.

AUTHOR
       This program was	written	by Robert Collins <robertc@squid-cache.org>

       Based on	prior work by Arjan de Vet <Arjan.deVet@adv.iae.nl>

       This  manual  was  written  by Robert Collins <robertc@squid-cache.org>
       Amos Jeffries <amosjeffries@squid-cache.org>

COPYRIGHT
	* Copyright (C)	1996-2024 The Squid Software Foundation	and  contribu-
       tors
	*
	* Squid	software is distributed	under GPLv2+ license and includes
	* contributions	from numerous individuals and organizations.
	* Please see the COPYING and CONTRIBUTORS files	for details.

       This program and	documentation is copyright to the authors named	above.

       Distributed under the GNU General Public	License	(GNU GPL) version 2 or
       later (GPLv2+).

QUESTIONS
       Questions  on  the usage	of this	program	can be sent to the Squid Users
       mailing list <squid-users@lists.squid-cache.org>

REPORTING BUGS
       Bug reports need	 to  be	 made  in  English.   See  https://wiki.squid-
       cache.org/SquidFaq/BugReporting for details of what you need to include
       with your bug report.

       Report bugs or bug fixes	using https://bugs.squid-cache.org/

       Report  serious	security  bugs	to Squid Bugs <squid-bugs@lists.squid-
       cache.org>

       Report ideas for	new improvements to the	Squid Developers mailing  list
       <squid-dev@lists.squid-cache.org>

SEE ALSO
       squid(8), GPL(7),
       The Squid FAQ wiki https://wiki.squid-cache.org/SquidFaq
       The Squid Configuration Manual http://www.squid-cache.org/Doc/config/

							   digest_file_auth(8)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=digest_file_auth&sektion=8&manpath=FreeBSD+Ports+14.3.quarterly>

home | help