Kristina Mpoyi-Mpoyi wrote:
> Thank you for your prompt reply. I did
> chmod root:root pam_auth and it worked!!!
Good.
> I have another question.
> Now that I have authentication via pam working, I don't want the superusername
> and password in /etc/shadow used for proxy authentication.
> How can I restrict access so that "root" cannot
> be used for proxy authentication.
The best method is to use a PAM module that restricts root logins from
Squid.
But you can also wrap pam_auth in a filter which denies certain
usernames from login before asking PAM..
> Is using the ACL list with an IDENT server the only way?
> Is using the IDENT server a good idea?
Not relevant to your question. IDENT is a completely different method
for the proxy to identity the user.
-- Henrik Nordstrom Squid hackerReceived on Tue Mar 27 2001 - 01:54:05 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:59 MST