Installing a Squid proxy server on Ubuntu 12.10 with NCSA authentication

Installing Squid

I started by installing Squid:

sudo apt-get install squid

This actually installed Squid 3.1.20, so my Squid configuration file was located at /etc/squid3/squid.conf.

Next, I tested whether Squid worked out of the box. I used ifconfig to find out my VM’s IP address, then opened that in a browser on port 3128. I was given a page that said Squid at the bottom, so that’s a good sign.

Squid

Setting up a password file

Squid has a ton of options for authentication. Since I’m just testing proxy server authentication, I went with a simple NCSA-style username and password configuration. First I installed apache2-utils to get access to htpasswd:

sudo apt-get install apache2-utils

Next I created a file called users in my Squid configuration folder, with a user named paul.

sudo htpasswd -c /etc/squid3/users paul

Using htpasswd to set a password

And I made sure Squid could read that file:

sudo chmod o+r /etc/squid3/users

Configuring Squid to use NCSA authentication module

The different authentication modules are distributed as binaries that come with Squid, and to configure them you have to know where they are located. This command listed their locations:

dpkg -L squid3 | grep ncsa_auth

For me the output was /usr/lib/squid3/ncsa_auth.

To enable the module, I opened the Squid configuration file in vi:

sudo vi /etc/squid3/squid.conf

I searched for the text TAG: auth_param to find where the authentication module is configured. Next I added the following configuration:

auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/users
auth_param basic children 5
auth_param basic realm Paul's Squid!
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

Next, I needed to add the ACL to give the users access. I searched for TAG: acl in the Squid configuration file and added this ACL to the list:

acl ncsa_users proxy_auth REQUIRED

Then I searched for TAG: http_access to find where HTTP access rules are configured. Scrolling down, there’s a section where you can insert your own rules. I added:

http_access allow ncsa_users

Restart Squid

Finally, I restarted Squid:

sudo service squid3 restart

And bam! After configuring the proxy settings, I was prompted for proxy credentials:

Prompted for proxy credentials

Advertisements

Posted on June 10, 2015, in Linux (Ubuntu/CentOS). Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: