Pair authentication, Allow/Deny, Encryption with Port/SSLPort #1469

michaelrsweet opened this Issue Mar 9, 2006 · 1 comment


None yet
1 participant

michaelrsweet commented Mar 9, 2006

Version: -feature User: relovett

I would like to configure cupsd to use no authentication on port 631 for one network interface and to use authentication and encryption on a second port for all other addresses.

Currently I have to run two cupsd instances; a normal one setup on port 631, and a second instance on another (SSLPort) port where each queue forward jobs onto the non-secure cups instance. This requires a lot of configuration overhead. (twice as many queues)

I suppose this feature is a bit like apache's virtualhosts.


michaelrsweet commented Mar 13, 2006 User: mike

Um, you should be able to use the following in CUPS 1.1.x:

<Location /foo>
Satisfy Any
Order allow,deny
Allow  # your one network
AuthType Basic
Encryption Required

If you connect from the 11.22.33 network, you are allowed without providing a password, but the connection will always be encrypted.

In CUPS 1.2, you can drop the "Encryption Required" bit and let the "DefaultEncryption" setting turn on encryption with authentication.

In short, I think we can do what you want already.

michaelrsweet added this to the Stable milestone Mar 17, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment