Time for action – configuring Negotiate authentication

Negotiate/Kerberos authentication is provided by the negotiate_kerberos_auth authentication helper. Next, we'll learn to configure the system running Squid to enable Negotiate authentication.

First of all, we need to generate a keytab file using the ktpass utility on a Windows machine, as shown:
```
ktpass -princ HTTP/proxy.example.com@REALM -mapuser proxy.example.com -crypto rc4-hmac-nt pass s3cr3t -ptype KRB5_NT_SRV_HST -out squid.keytab
```
We should make sure that we have a proxy.example.com user account on our Windows machine before generating the keytab file. Once the keytab file is generated, move it to an appropriate location on the Squid server, for example, /opt/squid/etc/squid.keytab. We ...

Get Squid Proxy Server 3.1 Beginner's Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Squid Proxy Server 3.1 Beginner's Guide by Kulbir Saini

Time for action – configuring Negotiate authentication

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly