Section: Maintenance Commands (8)
digest_file_auth - File based digest authentication helper for Squid.
is an installed binary authentication program for Squid. It handles digest
authentication protocol and authenticates against a text file backend.
This program will automatically detect the existence of a concurrency channel-ID and adjust appropriately.
It may be used with any value 0 or above for the auth_param children concurrency= parameter.
Accept digest hashed passwords rather than plaintext in the password file
Username database file format:
- - comment lines are possible and should start with a '#';
- - empty or blank lines are possible;
- - plaintext entry format is username:password
- - HA1 entry format is username:realm:HA1
To build a directory integrated backend, you need to be able to
calculate the HA1 returned to squid. To avoid storing a plaintext
password you can calculate
when the user changes their password, and store the tuple
then find the matching
when squid asks for the HA1.
This implementation could be improved by using such a triple for
the file format. However storing such a triple does little to
improve security: If compromised the
combination is "plaintext equivalent" - for the purposes of digest authentication
they allow the user access. Password synchronization is not tackled
by digest - just preventing on the wire compromise.
This program was written by
Robert Collins <firstname.lastname@example.org>
Based on prior work by
Arjan de Vet <Arjan.deVet@adv.iae.nl>
o4a'hide' .I Robert Collins <email@example.com>
Amos Jeffries <firstname.lastname@example.org>
* Copyright (C) 1996-2021 The Squid Software Foundation and contributors
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
* Please see the COPYING and CONTRIBUTORS files for details.
This program and documentation is copyright to the authors named above.
Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
Questions on the usage of this program can be sent to the
Squid Users mailing list
Bug reports need to be made in English.
for details of what you need to include with your bug report.
Report bugs or bug fixes using http://bugs.squid-cache.org/
Report serious security bugs to
Squid Bugs <email@example.com>
Report ideas for new improvements to the
Squid Developers mailing list
The Squid FAQ wiki
The Squid Configuration Manual