[rc5] password firewalls

Greg Wooledge wooledge at kellnet.com
Sat Aug 23 14:44:54 EDT 1997


Looking through the archive, I saw that someone else is having the
same trouble I had at work.  Start here:

http://www.teamlinux.org/wwwboard/messages/325.html

to save me some retyping. ;-)

OK, first step is to generate your authentication string.  This is a
base-64 encoded version of username:password.

$ uuencode -v
uuencode - GNU sharutils 4.2
$ echo foo:bar | uuencode -m dummy
begin-base64 644 dummy
Zm9vOmJhcgo=
====

The part you want is "Zm9vOmJhcgo=".  That's your authentication string.
For my firewall, I put that into a line that looks like this:

Proxy-authorization: Basic Zm9vOmJhcgo=

This line (followed by \015\012) needs to be included in every HTTP
request that goes to the firewall.  I just added a line to Apache
(apache_1.2.3/src/modules/proxy_http.c, I think).  I'm not at work
now, so I can't look it up, but it was fairly obvious where to add it.
If this message doesn't have enough information, let me know and I can
generate an actual diff.

Of course, this is a horrible kludge.  I'll have to recompile apache
(not a big deal) if I change my firewall password.  The worse part is
that, if anyone guesses what machine & port it's running on, they can
get out through the firewall using my ID.  So you may want to choose a
non-obvious port number.

------------                  Greg Wooledge                  -------------
-------                   wooledge at kellnet.com                     -------
---              http://kellnet.com/wooledge/main.html                 ---

----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list