install libpam-radius-auth
apt-get install libpam-radius-auth
open /etc/pam_radius_auth.conf
nano /etc/pam_radius_auth.conf
and add the following lines into it. Your_IP and PORT are the IP address and Port of Radius sever. SecretKey is the Secret of radius server. 3 is the timeout in seconds.
# server[:port] shared_secret timeout (s) YOUR_IP:PORT SecretKey 3
Change the permissions :
chown root /etc/pam_radius_auth.conf chmod +r /etc/pam_radius_auth.conf
create /etc/pam.d/squid :
nano /etc/pam.d/squid
and add the following lines :
auth sufficient pam_radius_auth.so account sufficient pam_radius_auth.so
Now install Squid if you have not installed it yet :
apt-get install squid
Lets try and see if Squid PAM works successfully through Radius auth, run the following command and enter username and password with a space between them :
/usr/lib/squid/pam_auth username password OK
OK means radius server has accepted the authentication details. ERR means there is a problem.
Now configure Squid to use pam_ath, open /etc/squid/squid.conf :
nano /etc/squid/squid.conf
Add the following lines to the begging of the file :
auth_param basic program /usr/lib/squid/pam_auth auth_param basic children 5 auth_param basic realm REALM auth_param basic credentialsttl 2 hours
Add following line in acl section :
acl password proxy_auth REQUIRED
Add following line before http_access deny all :
http_access allow password