Friday, November 28, 2008
yum stuff
note to self
When creating yum repositories with RHEL5 installation media,
use createrepo -g with the comps-*.xml files inside {Server, Cluster, ClusterStorage, VT}/repodata directories.
createrepo -g will add the necessary meta-data on to the repo, necessary for yum group functions to work properly.
Eg. yum grouplist, yum groupinstall
Monday, November 03, 2008
Enabling basic authentication in Squid
Found this in my gmail archive and thought it would be easier to have it on my blog.
I had replied with this to someone on the lug.lk mailing list.
Actually noticed an error on my reply as well, which is corrected on the below.
-2007-08-01
Squid supports lot of authentication methods. I'll put the basic method that uses ncsa_auth program.
You need to make the following changes to your squid.conf.
Please be advised that the below, gives only a very basic proxy setup with authentication.
If you want something complex, you might want to the squid documentation.
**Backup your existing squid.conf
Put/uncomment following lines to your squid.conf
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
ncsa_auth program is installed along squid in redhat flavours, under /usr/lib/squid/ .
"/etc/squid/passwd" is the name of the file where all the passwords will be kept.
You can change this to point to wherever you want in the file system.
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
First line below is an ACL named "authenticated_user" Second line defines the networks in the LAN.
This should be changed according to your setup. ( i just copied over from def: squid.configuration :-) )
The third allows http access through the proxy for Authenticated connections coming from the specified networks.
acl authenticated_user proxy_auth REQUIRED
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks authenticated_user
Once you have made the above changes to the squid.conf you have to create the username/passwords in the specified file. ( /etc/squid/squid_passwd in this )
For that, do,
htpasswd -c /etc/squid/squid_passwd username password
After adding the 1st user in the above way, to add more new users, use the below method.
htpasswd /etc/squid/squid_passwd username password
You can find out various parameters you can use with htpasswd from the man page.
When everything is done, simply restart the squid service..
If you want squid to connect to a separate service for authentication, refer to the squid documentation, there are quite a few methods that are currently supported.
Subscribe to:
Posts (Atom)
changing opnsense mtu
note to self When an OpnSense is deployed on Proxmox environment where MTU is <1500, it doesn't seem to auto-detect and leaves the O...
-
Below is procedure i used in integrating squid with OpenLDAP, and the Active Directory with the information gathered from numerous google se...
-
note to self RHN doesn't seem to play well with download managers. "wget" used to be good but noticed a small problem lately...