Man Linux: Main Page and Category List


       pam_auth - Squid PAM authentication helper


       squid_pam_auth [-n "service name"] [-t TTL] [-o] [-1]


       This  helper  allows  Squid  to  connect  to a mostly any available PAM
       database  to  validate  the  user  name  and  password  of  Basic  HTTP

       -s service-name
              Specifies the PAM service name Squid uses, defaults to "squid"

       -t TTL Enables  persistent  PAM connections where the connection to the
              PAM database is kept open and reused for  new  logins.  The  TTL
              specifies  how  long  the  connection  will  be  kept  open  (in
              seconds).  Default is to not keep PAM connections  open.  Please
              note  that  the  use  of  persistent PAM connections is slightly
              outside the PAM specification and may  not  work  with  all  PAM

       -o     Do  not  perform  the  PAM  account  management  group  (account
              expiration etc)


       The program needs a PAM service to be configured  in  /etc/pam.conf  or

       The  default  service name is "squid", and the program makes use of the
       'auth' and 'account' management groups to verify the password  and  the
       accounts validity.

       For details on how to configure PAM services, see the PAM documentation
       for your system. This manual does not cover PAM configuration  details.


       When  used  for  authenticating to local UNIX shadow password databases
       the program must be running as root or else it  won't  have  sufficient
       permissions  to  access  the  user  password database. Such use of this
       program is not recommended, but if you absolutely need to then make the
       program setuid root

              chown root pam_auth
              chmod u+s pam_auth

       Please note that in such configurations it is also strongly recommended
       that the program is moved into a directory where  normal  users  cannot
       access  it,  as  this  mode  of  operation will allow any local user to
       brute-force other users passwords. Also note the program has  not  been
       fully  audited  and  the  author  cannot  be  held  responsible for any
       security issues due to such installations.


       Squid  pam_auth  and  this  manual  is  written  by  Henrik   Nordstrom


       Squid  pam_auth  and  this  manual  is  Copyright 1999,2002,2003 Henrik
       Nordstrom <>


       Questions on the usage of this program can be sent to the  Squid  Users
       <> mailing list.


       Report  bugs or bug-fixes to Squid Bugs <> or
       ideas  for  new  improvements  to  Squid  Developers  <squid-dev@squid->


       pam(8), PAM Systems Administrator Guide