| delorie.com/archives/browse.cgi | search |
| X-Spam-Check-By: | sourceware.org |
| Message-ID: | <31b7d2790610261433q27e04c9bnf615dd94b7952301@mail.gmail.com> |
| Date: | Thu, 26 Oct 2006 16:33:05 -0500 |
| From: | "DePriest, Jason R." <jrdepriest AT gmail DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: How to go through a company proxy with ssh ? |
| In-Reply-To: | <4540FE87.7000504@cesmail.net> |
| MIME-Version: | 1.0 |
| References: | <1161879106 DOT 4540de42eeb55 AT imp6-g19 DOT free DOT fr> <a5f030530610260926j323fb3d4lb72fa6e0896a8172 AT mail DOT gmail DOT com> <4540FE87 DOT 7000504 AT cesmail DOT net> |
| X-IsSubscribed: | yes |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Unsubscribe: | <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
On 10/26/06, M. Edward (Ed) Borasky <> wrote: > Brett Serkez wrote: > > While this is being addressed as a technical issue, the proxy server > > is presumably used to implement company policy. While you will likely > > succeed in circumventing the proxy server, will this put you in > > violation of company policy? What might the consequences be if a > > threat entered the company network via this circumvention? What will > > you say to management if they question why you circumvented the proxy > > server? > > > > Just food for thought.... "Business need" always trumps "security" in my experience. That's why I work in IT Risk Management instead of Data Security. Regardless, here is how my corkscrew is set up to work properly. We have Blue Coat proxies that require authentication (tied to active directory). I have a file called ~/.ssh/jrdepriest.auth that has a single line: proxy_user:proxy_pass (obviously with the actual user name and password) My ~/.ssh/config file has a section ike this: Host ww.xx.yy.zz Connection Attempts 5 ConnectionTimeout 10 Protocol 2,1 LogLevel DEBUG3 ProxyCommand /usr/local/bin/corkscrew proxy.domain.com:8080 %h %p ~/.ssh/jrdepriest.auth When I run ssh user AT ww DOT xx DOT yy DOT zz, it automatically invokes the corkscrew command which reads my user name and password from the auth file and sends the information to port 8080 on our proxy server (HTTP, not HTTPS or SOCKS or FTP which are also all available). It just works. -Jason -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |