Squid3 + amd64 + local auth FAILS



  • I need help urgently please.  I have pfSense 2.2.1 amd64 and squid3.  All I did was to enable "Allow users on interface", disable transparent proxy, enable local authentication, added three user accounts under the Users tab and tried to authenticate.  I get the popup box for my proxy password on my computer, but entering it does nothing - it just redisplays it.  Squid's logs is of no use as they just show access denied.

    I dug deeper and ran this command by hand:
    /usr/pbi/squid-amd64/local/libexec/squid/basic_ncsa_auth /var/etc/squid.passwd

    which returned an error:
    Shared object "libmd5.so.0" not found, required by "basic_ncsa_auth"

    So I did:
    ln -s /usr/pbi/squid-amd64/local/lib/libmd5.so.0.1.0 /lib/libmd5.so.0
    ldconfig

    and tried again:
    /usr/pbi/squid-amd64/local/libexec/squid/basic_ncsa_auth /var/etc/squid.passwd

    it returned no errors this time.

    So I rebooted pfSense and tried again - still no go.  Squid keeps on issuing login prompts and the credentials do not work.  Any ideas?

    UPDATE: It seems if I enter a simple password of 8 characters or less it works, more than that and it fails??



  • If I remember right, the password can't be more than 8 chars long.



  • Thanks for your reply.  Any idea why?  8 characters is kind of outdated.  It can be brute forced in less than a day on commodity hardware.  Does it have anything to do with DES being used?  Any way to work around this?  Other than going for an LDAP authentication?



  • I have no idea about any of your questions, sorry.


Log in to reply