Hi,
I have a scenario where we have access to web resources controlled
by IP range (campus) and users off campus who don't want to have to
dial in internationally to our system to access said resources.

I've solved this by setting up squid with the ldap helper and forcing all use
of the cache to be authenticated. Problem solved.

However, (There's always one) this means our users passwords are flying about
clear text which isn't ideal.

Is there a solution which will encrypt the users passwords which still allowing
me to authenticate them with the same username/password they use for everything
else locally. The passwords could be checked via NIS (Unix Crypt) or LDAP
(crypt ntpasswd lmpasswd) We have and strive to keep a single password per
user.

I'm quite happy to use beta software if the answers is Squid 3 does this
but don't
want to lock our remote users to one platform/ OS (One browser if it's
cross platform isn't too bad)

Cheers,
Duncan