Setting up Squid Proxy Authentication on Ubuntu\/Fedora\/CentOS<\/h2>\n\n\n\n
In order to setup Squid proxy authentication with a basic username and password, you need to make a few adjustments on the squid configuration file as follows;<\/p>\n\n\n\n
Generate Squid Proxy Authentication Passwords<\/h3>\n\n\n\n
In order to use htpasswd, you need to have Once it is installed, run the commands below to generate the password for users to authenticate.<\/p>\n\n\n\n This creates a password for user amos and store it under To add more users, you need to remove option -c<\/strong> from the htpasswd command for example;<\/p>\n\n\n\n When you check the password file, there are now two users with their encrypted passwords;<\/p>\n\n\n\n The squid user should be able to read this file. Therefore run the command below to set proper permissions;<\/p>\n\n\n\n Verify that the usernames and passwords provide works fine with Squid proxy.<\/p>\n\n\n\n For every correct entry, you should see Since all seems fine, proceed to setup squid proxy basic authentication.<\/p>\n\n\n\n Open the squid configuration file for editing and add the following lines.<\/p>\n\n\n\n As a brief overview of the lines set above;<\/p>\n\n\n\n Once you are done with configurations, save the file and restart squid.<\/p>\n\n\n\n Configure your client to use authenticate vai squid proxy server as described in our previous<\/a> article.<\/p>\n\n\n\n From the client side, if you try to access the internet via browser, you will be prompted to authenticate. See screenshot below;<\/p>\n\n\n When you authenticate properly, you will be able to access the internet on browser.<\/p>\n\n\n\n If you try to download a file using wget, you will be prompted to authenticate;<\/p>\n\n\n\n Hence;<\/p>\n\n\n\n Well, there you go. You have successfully setup Squid proxy authentication on Ubuntu 18.04\/Fedora29\/28\/CentOS 7 with username and password. In our next tutorial, we are going to learn how to integrate Squid proxy with LDAP servers for centralized authentication. Thank you for passing by. We hope this was informative.<\/p>\n\n\n\n Hey, want to learn how to set system wide proxy settings on Ubuntu 18.04? You can catch that by following the link below;<\/p>\n\n\n\n How to Set System Wide Proxy in Ubuntu 18.04<\/a><\/p>\n\n\n\n Other tutorials<\/p>\n\n\n\n Configure Squid Proxy OpenLDAP Authentication on pfSense<\/a><\/p>\n\n\n\nhtpasswd<\/code> and htdigest<\/code> are two tools that can be used to generate proxy user authentication passwords. While htpasswd encrypts the passwords and store them in a hashed format, htdigest stores the passwords in plain text hence insecure. In this guide, we are going to use htpasswd utility.<\/p>\n\n\n\nhttpd\/apache2-utils<\/code> installed. To install it;<\/p>\n\n\n\nsudo apt-get install apache2-utils<\/code><\/pre>\n\n\n\nsudo yum install httpd-tools<\/code><\/pre>\n\n\n\nhtpasswd -c \/etc\/squid\/.squid_users amos<\/strong><\/code><\/pre>\n\n\n\nNew password: ENTER PASS\nRe-type new password: ENTER PASS\nAdding password for user amos<\/code><\/pre>\n\n\n\n\/etc\/squid\/.squid_users<\/code>.<\/p>\n\n\n\nhtpasswd \/etc\/squid\/.squid_users john<\/code><\/pre>\n\n\n\nNew password: \nRe-type new password: \nAdding password for user john<\/code><\/pre>\n\n\n\nless \/etc\/squid\/.squid_users<\/strong><\/code><\/pre>\n\n\n\namos:$apr1$IyfTZICg$2fPImX5o14XC2KPF1kZWv\/\njohn:$apr1$5o0XKeto$m6c5B5KK5ZAK\/7A\/VIgYB\/<\/code><\/pre>\n\n\n\nchown squid \/etc\/squid\/.squid_users<\/code><\/pre>\n\n\n\nOK<\/code> displayed as shown below;<\/p>\n\n\n\n\/usr\/lib64\/squid\/basic_ncsa_auth \/etc\/squid\/.squid_users <\/code><\/pre>\n\n\n\namos password\nOK<\/strong>\njohn password\nOK<\/strong><\/code><\/pre>\n\n\n\nConfigure Squid Proxy Authentication<\/h3>\n\n\n\n
auth_param basic program \/usr\/lib64\/squid\/basic_ncsa_auth \/etc\/squid\/.squid_users\nauth_param basic children 5\nauth_param basic realm Proxy Authentication Required\nauth_param basic credentialsttl 2 hours\nauth_param basic casesensitive off\n\nacl auth_users proxy_auth amos john\nhttp_access allow auth_users<\/code><\/pre>\n\n\n\n\n
basic_ncsa_auth<\/code> helper program and find the usernames and password in \/etc\/squid\/.squid_users<\/code> file.<\/li>\n\n\n\nauth_param basic children 5<\/code> specifies the maximum number of squid authenticator processes to spawn.<\/li>\n\n\n\nauth_param basic realm<\/code> specifies the protection scope which is to be reported to the client for the authentication scheme.<\/li>\n\n\n\nauth_param basic credentialsttl 2 hours<\/code> specifies how long squid assumes an externally validated username:password pair is valid for<\/li>\n\n\n\nauth_param basic casesensitive off<\/code> specifies if usernames are case sensitive.<\/li>\n\n\n\nacl auth_users proxy_auth amos john<\/code> defines Squid authentication ACL for users that are allowed to authenticate.<\/li>\n<\/ul>\n\n\n\nsystemctl restart squid<\/code><\/pre>\n\n\n\n![\"Setup](\"https:\/\/kifarunix.com\/wp-content\/uploads\/2021\/10\/squid-proxy-authentication.png\" "\\"\\"")
<\/figure><\/div>\n\n\nwget google.com<\/code><\/pre>\n\n\n\n--2018-12-19 00:38:21-- http:\/\/google.com\/\nConnecting to 192.168.43.69:3128<\/strong>... connected.\nProxy request sent, awaiting response... 407 Proxy Authentication Required\n2018-12-19 00:38:21 ERROR 407: Proxy Authentication Required<\/strong>.<\/code><\/pre>\n\n\n\nwget --proxy-user=amos --proxy-password=password<\/strong> google.com<\/code><\/pre>\n\n\n\n--2018-12-19 00:39:36-- http:\/\/google.com\/\nConnecting to 192.168.43.69:3128... connected.\nProxy request sent, awaiting response... 301 Moved Permanently\nLocation: http:\/\/www.google.com\/ [following]\n--2018-12-19 00:39:37-- http:\/\/www.google.com\/\nReusing existing connection to 192.168.43.69:3128.\nProxy request sent, awaiting response... 200 OK\nLength: unspecified [text\/html]\nSaving to: \u2018index.html.8\u2019\n\nindex.html.8 [ <=> ] 11.72K --.-KB\/s in 0.1s \n\n2018-12-19 00:39:38 (97.6 KB\/s) - \u2018index.html.8\u2019 saved [12001]<\/code><\/pre>\n\n\n\n