Provided by: squid-openssl_5.6-1ubuntu3_amd64 bug


       basic_pam_auth - PAM Basic authentication helper for Squid


       basic_pam_auth [-n service name  TTL ] [-o] [-1]


       basic_pam_auth  allows Squid to connect to a mostly any available PAM database to validate
       the user name and password of Basic HTTP authentication.


       -s  service-name
                   Specifies the PAM service name Squid uses, defaults to squid

       -t  TTL     Enables persistent PAM connections where the connection to the PAM database is
                   kept open and reused for new logins. The TTL specifies how long the connection
                   will be kept open (in seconds).  Default is to not keep PAM connections  open.
                   Please note that the use of persistent PAM connections is slightly outside the
                   PAM specification and may not work with all PAM configurations.

       -o          Do not perform the PAM account management group (account expiration etc)


       The program needs a PAM service to be configured in /etc/pam.conf or /etc/pam.d/squid

       The default service name is squid , and the program makes use  of  the  auth  and  account
       management groups to verify the password and the accounts validity.

       For  details  on how to configure PAM services, see the PAM documentation for your system.
       This manual does not cover PAM configuration details.


       When used for authenticating to local UNIX shadow password databases the program  must  be
       running  as  root or else it won't have sufficient permissions to access the user password
       database. Such use of this program is not recommended, but if you absolutely need to  then
       make the program setuid root

              chown root basic_pam_auth
              chmod u+s basic_pam_auth

       Please  note  that in such configurations it is also strongly recommended that the program
       is moved into a directory where normal users cannot access it, as this mode  of  operation
       will  allow any local user to brute-force other users passwords. Also note the program has
       not been fully audited and the author cannot be held responsible for any  security  issues
       due to such installations.


       This program and documentation was written by Henrik Nordstrom <>


        * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
        * Squid software is distributed under GPLv2+ license and includes
        * contributions from numerous individuals and organizations.
        * Please see the COPYING and CONTRIBUTORS files for details.

       Squid  basic_pam_auth  and  this  manual  is  Copyright  1999,2002,2003  Henrik  Nordstrom
       <> Distributed under the GNU General Public License (GNU GPL) version 2
       or later (GPLv2+).


       Questions on the usage of this program can be sent to the Squid Users mailing list <squid->


       Bug    reports    need    to    be    made    in    English.     See    http://wiki.squid-  for  details  of  what  you need to include with your bug

       Report bugs or bug fixes using

       Report serious security bugs to Squid Bugs <>

       Report  ideas  for  new  improvements  to  the  Squid  Developers  mailing  list   <squid->


       squid(8), pam(3), pam.conf(5), chown(1), chmod(1), GPL(7),
       PAM Systems Administrator Guide
       The Squid FAQ wiki
       The Squid Configuration Manual

                                            5 Sep 2003                          basic_pam_auth(8)