md5 crypt and ncsa_auth
Joel Pearson
pearj at writeme.com
Wed Feb 26 19:17:24 EST 2003
That's not quite how I want to do it, I want to be able to copy the hashes
out of the shadow password file into another file and then authenticate from
the other file.
The reason I want this is because I don't always want to allow all users to
be able to use the proxy all the time. Say if I want to disable a specific
user from using the proxy I could just remove them from the squid password
file. But if I was directly using the shadow password file, users wouldn't
be able to log on if I removed them from the shadow password file.
So I think I'm still where I started, would it be hard to mod the ncsa_auth
program to be able to authenticate from the hashes in the shadow password
file? Or is there some way to point the pam module to look at something
other than the shadow password file?
Thanks
"Brett Worth" <brettw at cray.com> wrote in message
news:Pine.LNX.4.44.0302261851090.6124-100000 at cbrserv.au.cray.com...
> On Wed, 26 Feb 2003, Joel Pearson wrote:
>
> > Now on the 2nd part of the question, how hard would it be to change the
> > attached code ncsa_auth.c to support md5 crypt as opposed to just crypt?
>
> Are you trying to get squid to do shadow password authentication?
> If so then you probably want pam_auth.
>
> Take a look at: http://www.pcquest.com/content/linux/handson/101071104.asp
>
> There you'll find detailed instructions on how to set it up.
>
> I just checked it and it does work on RH8.0. The suid u+s on
> /usr/lib/squid/pam_auth is required unfortunately.
>
> --
> Brett
>
>
More information about the linux
mailing list