Re: [squid-users] how 2 protect squid proxy's user/pass-combo

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 27 Nov 2001 14:55:20 +0100

On Tuesday 27 November 2001 11.31, mohren wrote:

> >> Is there a way (SSL) to protect the usr/pass-combo?
> >
> >Nope. Not unless you are running Squid as an SSL web server accelerator
> >for your own web servers anyway..
>
> This will not work from outside, yep? or is the auth-request, which goes
> home, transparently ssl-ed by the accelerator? If yes, is the accelerator a
> stable solution?

With this setup Squid will look as the web server to the outside, and as a
client to your web servers.

"accelerator" mode is nothing new, and has been there from day 1. See the
Squid FAQ on "accelerator" setups. What is new is the ability to act as the
SSL server endpoint on "accelerated" requests.

> >Which sounds like a quite good job for the SSL support in Squid-2.5,
> >allowing you to encrypt both the password and the actual content with
> >strong encryption...
>
> coming soon? :-)

Available in late beta today, perfectly suitable for testing.

Regards
Henrik

-- 
MARA Systems AB
Giving you basic free Squid support
Priority support or Squid enhancements available on request
Received on Tue Nov 27 2001 - 06:55:02 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:33 MST