In recent work, you need to use the squid for password authentication, because there are other software to install, in order to make installation more convenient, you have written a script. However, because the customer needs to be able to modify the password of the squid user, a test is conducted for this purpose. Repeated failures make people really depressed. I finally found the problem because I created two fewer files!
Record the actual steps! There are also a lot of related articles on the Internet!
: Http://nchc.dl.sourceforge.net/project/orsochpasswd/orsochpasswd/chpasswd-2.2.4/chpasswd-2.2.4.tar.gz>
Note: The chpasswd on the squid official website has many problems! A lot of errors occurred during compilation. Google found that the chpasswd version was used because of a bug..
Actual environment: RHEL4.8 + Squid2.5 + Apache + third-party commercial applications
About squid configuration file <only authentication is provided to prevent you from forgetting it>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "201" border = "0" title = "6" style = "border: 0px none;" alt = "6" src = "http://www.bkjia.com/uploads/allimg/131227/0U4544508-0.jpg"/>
Article 1: Specify the corresponding authentication program.
Article 2: generate the corresponding process at startup
Article 3: Title of the Authentication Window
Article 4: Validity Period of certification
Configure chpasswd. cgi to allow the client to change its Internet password through IE:
1. Installation
./Configure & make install
The above operation will generate:
A,/usr/local/etc/chpasswd. conf configuration file
B./usr/local/etc/chpasswd. log File
C. chpasswd. cgi will be copied to the/var/www/cgi-bin directory.
C. Other files
2. Configuration File
[Root @ localhost ~] # Cat/usr/local/etc/chpasswd. conf | grep-v ^ #
Password_file/home/squiduser # Password File Location
Ip_auth/usr/local/etc/chpasswd/ipauth # permitted IP login range
Header "Change your Squid account password" # webpage topic information
Minimum_length 4 # Minimum Password Length
Maximum_length 10 # Maximum Password Length
Enable_log/usr/local/etc/chpasswd. log # Allow log Function
Show_pwd yes # allows you to view the modified password information in the log
Ncsa_plus off # disable ncsa_plus
Denyfile/etc/squid/denyuser # prevent users in the denyuser file from logging on and changing their passwords
In addition, other functions can improve the password security, such as the minimum number of letters and the minimum number, so as to improve the complexity of the password. We will not describe it here.
After the chpasswd is configured, I cannot change the password. I always prompt that the password file cannot be found! Very depressing, so I checked the other two files in the configuration file and found that these two files are not built by the system, but by myself.
# Touch/usr/local/etc/chpasswd/ipauth
# Echo "0.0.0.0" & gt;/usr/local/etc/chpasswd/ipauth
# Touch/etc/squid/denyuser
# Chmod 777 Password File <squid Password File>
After completing the preceding operations, you can successfully log on and change the password. How many images are there!
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "432" border = "0" title = "1" style = "border: 0px none;" alt = "1" src = "http://www.bkjia.com/uploads/allimg/131227/0U4542P5-1.jpg"/>
The password is successfully modified!
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "433" border = "0" title = "2" style = "border: 0px none;" alt = "2" src = "http://www.bkjia.com/uploads/allimg/131227/0U4544b9-2.jpg"/>
Check the log! You can see the User Password Change record! The new password of the user is displayed! My new password is 123456789.
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "406" border = "0" title = "4" style = "border: 0px none;" alt = "4" src = "http://www.bkjia.com/uploads/allimg/131227/0U4546316-3.jpg"/>
This article from the "diving into the ocean of technology" blog, please be sure to keep this source http://myhat.blog.51cto.com/391263/484876