samba and squid?
Andrew Bartlett
abartlet at pcug.org.au
Fri Dec 24 04:05:09 GMT 1999
I used identd 1.5 (until I decided that this style of authentication was
severe overkill for a home network). It unfortunately would crash more
often than I would like, but I was the only person that it affected.
It can be found at
http://www.acs.ucalgary.ca/~mmastrac/files/identd.html
and is under the GPL.
Squid can then be told to only allow users out with a valid ident reply,
which by default is the windows login name. This is of course entirely
insecure, as any user can start their own daemon and fake replies left
right and center, but if it doesn't crash the only evidence that it is
running is the need to click on the login window in Win9X (i don't use
NT).
There apparently is a PAM module for squid at
http://hem.passagen.se/hno/squid/#PAM (just found with altavisa) and a
pam_smb module to authenicate this request against SMB servers at
http://www.csn.ul.ie/~airlied/pam_smb/
Other than that I think it is possible to write a small program to
authenticate uses using PAM that just takes the user name and password
as input, for use in squids external authenticate mechanism.
Andrew Bartlett
abartlet at pcug.org.au
Dave Wreski wrote:
>
> Hi all. I'd like to look into using samba in conjunction with squid, to
> authenticate users before leaving the intranet thru the squid proxy.
>
> I'm using RH6, and thought there may be either a PAM module to do this, or
> the possibility of authenticating against a PDC or samba server for squid
> authentication?
>
> Thanks,
> Dave
More information about the samba
mailing list