On 3/02/25 18:25, NgTech LTD wrote:
What i was talking about is using both the auth helper and the external
ack helper.
Using an ACL helper is just extra complication that is not needed and
the "Keep It Simple" (KIS) principle of design is very important for
security systems.
For "global"
What i was talking about is using both the auth helper and the external ack
helper.
The password is static but the authorization itself is done via some push
or another totp method that will authorize the login for a specific amount
of time.
And indeed it will kind of degrade the connection to 1fa
On 3/02/25 00:43, NgTech LTD wrote:
What would make a 2fa in squid case?
When receiving a new login attempt the authentication (auth_param)
helper should initiate whatever side-channel token delivery is needed.
Then return "ERR" to Squid as usual.
Replace the login challenge error messa
What would make a 2fa in squid case?
Thanks,
Eliezer
בתאריך יום א׳, 2 בפבר׳ 2025, 13:22, מאת Amos Jeffries :
> On 2/02/25 07:43, ngtech1ltd wrote:
> > Hey,
> >
> > I was wondering if anyone have implemented any 2FA with squid.
> >
> > IE a simple forward proxy that implements an external ACL h
On 2/02/25 07:43, ngtech1ltd wrote:
Hey,
I was wondering if anyone have implemented any 2FA with squid.
IE a simple forward proxy that implements an external ACL helper that
Ah, that would not be "authentication".
2FA is done through Squid auth_param and authentication helpers same as
"no
Hey,
I was wondering if anyone have implemented any 2FA with squid.
IE a simple forward proxy that implements an external ACL helper that allows
a specific user to access from a specific src ip address for a specific
period of time.
For example 1 Hour since login.
The thing is that it can be
