1 .if !'po4a'hide' .TH digest_file_auth 8
4 .if !'po4a'hide' .B digest_file_auth
6 File based digest authentication helper for Squid.
11 .if !'po4a'hide' .B digest_file_auth
12 .if !'po4a'hide' .B [\-c]
17 is an installed binary authentication program for Squid. It handles digest
18 authentication protocol and authenticates against a text file backend.
20 This program will automatically detect the existence of a concurrecy channel-ID and adjust appropriately.
21 It may be used with any value 0 or above for the auth_param children concurrency= parameter.
24 .if !'po4a'hide' .TP 12
25 .if !'po4a'hide' .B \-c
26 Accept digest hashed passwords rather than plaintext in the password file
30 Username database file format:
32 - comment lines are possible and should start with a '#';
35 - empty or blank lines are possible;
38 - plaintext entry format is username:password
41 - HA1 entry format is username:realm:HA1
44 To build a directory integrated backend, you need to be able to
45 calculate the HA1 returned to squid. To avoid storing a plaintext
46 password you can calculate
47 .B MD5(username:realm:password)
48 when the user changes their password, and store the tuple
49 .B username:realm:HA1.
50 then find the matching
52 when squid asks for the HA1.
54 This implementation could be improved by using such a triple for
55 the file format. However storing such a triple does little to
56 improve security: If compromised the
58 combination is "plaintext equivalent" - for the purposes of digest authentication
59 they allow the user access. Password syncronisation is not tackled
60 by digest - just preventing on the wire compromise.
63 This program was written by
64 .if !'po4a'hide' .I Robert Collins <robertc@squid-cache.org>
66 Based on prior work by
67 .if !'po4a'hide' .I Arjan de Vet <Arjan.deVet@adv.iae.nl>
68 .if !'po4a.hide' .I Jon Thackray <jrmt@uk.gdscorp.com>
70 This manual was written by
71 .if !'po4a'hide' .I Robert Collins <robertc@squid-cache.org>
72 .if !'po4a'hide' .I Amos Jeffries <amosjeffries@squid-cache.org>
75 This program and documentation is copyright to the authors named above.
77 Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
80 Questions on the usage of this program can be sent to the
81 .I Squid Users mailing list
82 .if !'po4a'hide' <squid-users@squid-cache.org>
85 Bug reports need to be made in English.
86 See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
88 Report bugs or bug fixes using http://bugs.squid-cache.org/
90 Report serious security bugs to
91 .I Squid Bugs <squid-bugs@squid-cache.org>
93 Report ideas for new improvements to the
94 .I Squid Developers mailing list
95 .if !'po4a'hide' <squid-dev@squid-cache.org>
98 .if !'po4a'hide' .BR squid "(8), "
99 .if !'po4a'hide' .BR GPL "(7), "
102 .if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
104 The Squid Configuration Manual
105 .if !'po4a'hide' http://www.squid-cache.org/Doc/config/