How To install and Configure User Authentication in Squid on Rocky Linux 8.6
- 00:29 cat /etc/os-release
- 00:38 yum install squid*
- 00:56 systemctl start squid.service
- 01:05 yum install httpd
- 01:23 systemctl start ht
- 01:28 systemctl start httpd.service
- 01:39 htpasswd -c /etc/squid/squid_passwd user1
- 01:58 touch /etc/squid/passwd
- 02:14 vim /etc/squid/squid.conf
- 02:48 cd /usr/lib/
- 02:57 mkdir -p squid/basic_ncsa_auth
- 03:28 vim /etc/squid/block.text
- 03:52 systemctl restart squid
{{postValue.id}}
To Install And Configure User Authentication In Squid On Rocky Linux 8.6
Introduction:
Squid is a proxy server that works as an intermediate between the internet and a local network. The purpose of this configuration is to permit the Squid user to access the internet with their own login credentials using nsca_auth.
Installation and Configuration procedure.
Step 1: Check the OS version by using the below command
[root@linuxhelp ~]# cat /etc/os-release
NAME="Rocky Linux"
VERSION="8.6 (Green Obsidian)"
ID="rocky"
ID_LIKE="rhel centos fedora"
VERSION_ID="8.6"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Rocky Linux 8.6 (Green Obsidian)"
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:rocky:rocky:8:GA"
HOME_URL="https://rockylinux.org/"
BUG_REPORT_URL="https://bugs.rockylinux.org/"
ROCKY_SUPPORT_PRODUCT="Rocky Linux"
ROCKY_SUPPORT_PRODUCT_VERSION="8"
REDHAT_SUPPORT_PRODUCT="Rocky Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="8"
Step 2: Next install the Squid Proxy Server by using the below command
[root@linuxhelp ~]# yum install squid*
Rocky Linux 8 - AppStream 441 B/s | 4.8 kB 00:11
Rocky Linux 8 - AppStream 7.1 MB/s | 11 MB 00:01
Rocky Linux 8 - BaseOS 4.9 kB/s | 4.3 kB 00:00
Rocky Linux 8 - BaseOS 7.2 MB/s | 9.0 MB 00:01
Rocky Linux 8 - Extras 4.0 kB/s | 3.5 kB 00:00
Rocky Linux 8 - Extras 12 kB/s | 12 kB 00:00
Dependencies resolved.
=================================================================================================
Package Arch Version Repository Size
=================================================================================================
Installing:
squid x86_64 7:4.15-3.module+el8.6.0+1044+67ab5d0a.2 appstream 3.6 M
Installing dependencies:
libecap x86_64 1.0.1-2.module+el8.4.0+404+316a0dc5 appstream 28 k
perl-Digest-SHA x86_64 1:6.02-1.el8 appstream 65 k
Enabling module streams:
squid 4
Transaction Summary
=================================================================================================
Install 3 Packages
Total download size: 3.7 M
Installed size: 12 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): libecap-1.0.1-2.module+el8.4.0+404+316a0dc5.x86_64.rpm 196 kB/s | 28 kB 00:00
(2/3): perl-Digest-SHA-6.02-1.el8.x86_64.rpm 332 kB/s | 65 kB 00:00
(3/3): squid-4.15-3.module+el8.6.0+1044+67ab5d0a.2.x86_64.rpm 11 MB/s | 3.6 MB 00:00
-------------------------------------------------------------------------------------------------
Total 3.3 MB/s | 3.7 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Running scriptlet: squid-7:4.15-3.module+el8.6.0+1044+67ab5d0a.2.x86_64 1/1
Preparing : 1/1
Installing : perl-Digest-SHA-1:6.02-1.el8.x86_64 1/3
Installing : libecap-1.0.1-2.module+el8.4.0+404+316a0dc5.x86_64 2/3
Running scriptlet: libecap-1.0.1-2.module+el8.4.0+404+316a0dc5.x86_64 2/3
Running scriptlet: squid-7:4.15-3.module+el8.6.0+1044+67ab5d0a.2.x86_64 3/3
Installing : squid-7:4.15-3.module+el8.6.0+1044+67ab5d0a.2.x86_64 3/3
Running scriptlet: squid-7:4.15-3.module+el8.6.0+1044+67ab5d0a.2.x86_64 3/3
Verifying : libecap-1.0.1-2.module+el8.4.0+404+316a0dc5.x86_64 1/3
Verifying : perl-Digest-SHA-1:6.02-1.el8.x86_64 2/3
Verifying : squid-7:4.15-3.module+el8.6.0+1044+67ab5d0a.2.x86_64 3/3
Installed:
libecap-1.0.1-2.module+el8.4.0+404+316a0dc5.x86_64 perl-Digest-SHA-1:6.02-1.el8.x86_64
squid-7:4.15-3.module+el8.6.0+1044+67ab5d0a.2.x86_64
Complete!
Step 3: Start the Squid service by running the below command.
[root@linuxhelp ~]# systemctl start squid.service
Step 4: Next install Apache service in the system by executing the following apt install command.
[root@linuxhelp ~]# yum install httpd
Last metadata expiration check: 0:00:28 ago on Wednesday 02 November 2022 05:03:44 AM IST.
Dependencies resolved.
=================================================================================================
Package Arch Version Repository Size
=================================================================================================
Installing:
httpd x86_64 2.4.37-47.module+el8.6.0+985+b8ff6398.2 appstream 1.4 M
Installing dependencies:
apr x86_64 1.6.3-12.el8 appstream 128 k
apr-util x86_64 1.6.1-6.el8.1 appstream 104 k
httpd-filesystem noarch 2.4.37-47.module+el8.6.0+985+b8ff6398.2 appstream 40 k
httpd-tools x86_64 2.4.37-47.module+el8.6.0+985+b8ff6398.2 appstream 107 k
mod_http2 x86_64 1.15.7-5.module+el8.6.0+823+f143cee1 appstream 153 k
rocky-logos-httpd noarch 86.2-1.el8 baseos 24 k
Installing weak dependencies:
apr-util-bdb x86_64 1.6.1-6.el8.1 appstream 23 k
apr-util-openssl x86_64 1.6.1-6.el8.1 appstream 26 k
Enabling module streams:
httpd 2.4
Transaction Summary
=================================================================================================
Install 9 Packages
Total download size: 2.0 M
Installed size: 5.4 M
Is this ok [y/N]: y
Downloading Packages:
(1/9): apr-util-bdb-1.6.1-6.el8.1.x86_64.rpm 155 kB/s | 23 kB 00:00
(2/9): apr-1.6.3-12.el8.x86_64.rpm 637 kB/s | 128 kB 00:00
(3/9): apr-util-openssl-1.6.1-6.el8.1.x86_64.rpm 500 kB/s | 26 kB 00:00
(4/9): apr-util-1.6.1-6.el8.1.x86_64.rpm 501 kB/s | 104 kB 00:00
(5/9): httpd-filesystem-2.4.37-47.module+el8.6.0+985+b8ff6398.2. 906 kB/s | 40 kB 00:00
(6/9): httpd-tools-2.4.37-47.module+el8.6.0+985+b8ff6398.2.x86_6 1.1 MB/s | 107 kB 00:00
(7/9): mod_http2-1.15.7-5.module+el8.6.0+823+f143cee1.x86_64.rpm 1.8 MB/s | 153 kB 00:00
(8/9): rocky-logos-httpd-86.2-1.el8.noarch.rpm 616 kB/s | 24 kB 00:00
(9/9): httpd-2.4.37-47.module+el8.6.0+985+b8ff6398.2.x86_64.rpm 8.5 MB/s | 1.4 MB 00:00
-------------------------------------------------------------------------------------------------
Total 1.0 MB/s | 2.0 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : apr-1.6.3-12.el8.x86_64 1/9
Running scriptlet: apr-1.6.3-12.el8.x86_64 1/9
Installing : apr-util-bdb-1.6.1-6.el8.1.x86_64 2/9
Installing : apr-util-openssl-1.6.1-6.el8.1.x86_64 3/9
Installing : apr-util-1.6.1-6.el8.1.x86_64 4/9
Running scriptlet: apr-util-1.6.1-6.el8.1.x86_64 4/9
Installing : httpd-tools-2.4.37-47.module+el8.6.0+985+b8ff6398.2.x86_64 5/9
Installing : rocky-logos-httpd-86.2-1.el8.noarch 6/9
Running scriptlet: httpd-filesystem-2.4.37-47.module+el8.6.0+985+b8ff6398.2.noarch 7/9
Installing : httpd-filesystem-2.4.37-47.module+el8.6.0+985+b8ff6398.2.noarch 7/9
Installing : mod_http2-1.15.7-5.module+el8.6.0+823+f143cee1.x86_64 8/9
Installing : httpd-2.4.37-47.module+el8.6.0+985+b8ff6398.2.x86_64 9/9
Running scriptlet: httpd-2.4.37-47.module+el8.6.0+985+b8ff6398.2.x86_64 9/9
Verifying : apr-1.6.3-12.el8.x86_64 1/9
Verifying : apr-util-1.6.1-6.el8.1.x86_64 2/9
Verifying : apr-util-bdb-1.6.1-6.el8.1.x86_64 3/9
Verifying : apr-util-openssl-1.6.1-6.el8.1.x86_64 4/9
Verifying : httpd-2.4.37-47.module+el8.6.0+985+b8ff6398.2.x86_64 5/9
Verifying : httpd-filesystem-2.4.37-47.module+el8.6.0+985+b8ff6398.2.noarch 6/9
Verifying : httpd-tools-2.4.37-47.module+el8.6.0+985+b8ff6398.2.x86_64 7/9
Verifying : mod_http2-1.15.7-5.module+el8.6.0+823+f143cee1.x86_64 8/9
Verifying : rocky-logos-httpd-86.2-1.el8.noarch 9/9
Installed:
apr-1.6.3-12.el8.x86_64
apr-util-1.6.1-6.el8.1.x86_64
apr-util-bdb-1.6.1-6.el8.1.x86_64
apr-util-openssl-1.6.1-6.el8.1.x86_64
httpd-2.4.37-47.module+el8.6.0+985+b8ff6398.2.x86_64
httpd-filesystem-2.4.37-47.module+el8.6.0+985+b8ff6398.2.noarch
httpd-tools-2.4.37-47.module+el8.6.0+985+b8ff6398.2.x86_64
mod_http2-1.15.7-5.module+el8.6.0+823+f143cee1.x86_64
rocky-logos-httpd-86.2-1.el8.noarch
Complete!
Step 5: Start the Apache service by using the below command.
[root@linuxhelp ~]# systemctl start ht
htcacheclean.service httpd.service httpd.socket
Step 6: Next, check the Apache server status by using the below command.
[root@linuxhelp ~]# systemctl start httpd.service
Step 7: Then add the password for the user by running the below command and enter the new password.
[root@linuxhelp ~]# htpasswd -c /etc/squid/squid_passwd user1
New password:
Re-type new password:
Adding password for user user1
Step 8: Create a new file for user by executing the below command.
[root@linuxhelp ~]# touch /etc/squid/passwd
Step 9: Next configure the Squid configuration file using vim editor and add the rule location to the configuration file. Enter the following contents in the file and save it.
[root@linuxhelp ~]# vim /etc/squid/squid.conf
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
acl ncsa proxy_auth REQUIRED
acl google_users proxy_auth user1
acl block dstdomain " /etc/squid/block.txt"
http_access deny block google_users
http_access allow ncsa
[root@linuxhelp ~]# cd /usr/lib/
[root@linuxhelp lib]# mkdir -p squid/basic_ncsa_auth
Step 10: Now create a file named block.txt for adding the domain name to the block list. Save and exit the file.
[root@linuxhelp lib]# vim /etc/squid/block.text
.facebook.com
.twitter.com
Step 11: Restart the Squid service by using the below command.
[root@linuxhelp lib]# systemctl restart squid
Step 12: Open the browser, go to setting set the manual proxy configuration as shown in the below image.
Step 13: To check the Squid proxy server authentication on client machines. Enter the Squid login credentials displayed on the pop-up window and click ok as shown in the below image.
Conclusion:
We have reached the end of this article. In this guide, we have walked you through the steps required to install and configure User Authentication in Squid on Rocky Linux 8.6. your feedback is much welcome.
Comments ( 0 )
No comments available