Ilya wrote:
>>>>> I need to install squid(2.4 or 2.5) on Linux. The clients are
>>>>> running on both windows and linux operating systems. It is needed
>>>>> to pass username/password for authentication from client to squid
>>>>> in encrypted form, not plain text, not base64.
>>>>
>>>>
>>>> you can't do this, cause impossible by HTTP proto.
>>>
>
>> I may be wrong, but maybe you can try to use digest password auth.
>>
>> That way, the password is sent encrypted.
>
> Can you explain it in detail???
Maybe i am being a bad person, but everything (and more) you need to
know about digest is in the RFC, they can be found on:
HTTP basic and Digest auth: http://www.ietf.org/rfc/rfc2617.txt
Basically, when the client tries to authenticate, the server sends a
variable key then the client joins the server key, the username and the
password and encrypts it with a one-way hash.
The server receives this hash and compares it with a similar hash built
with the username and password from its database.
If the hashes are equal, the server accepts the connection.
Disclaimer: The text above was written from memory, i'm not sure if it's
99% correct ;-)
>
> Thanks a lot.
> Ilya
Hope it helps
Jose Araujo
Received on Thu Nov 21 2002 - 09:32:47 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:21 MST