[X2Go-Dev] Bug#34: SSH_OPTIONS_FD
glpk xypron
xypron.glpk at gmx.de
Tue Sep 25 15:10:58 CEST 2012
Hello Mike,
in enterprise settings it is good practice to require authentication at the proxy to be able to be able log which user is doing what.
Best regards
Heinrich
-------- Original-Nachricht --------
> Datum: Tue, 25 Sep 2012 10:25:25 +0200
> Von: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
> An: glpk xypron <xypron.glpk at gmx.de>, 34 at bugs.x2go.org
> CC: Oleksandr Shneyder <oleksandr.shneyder at obviously-nice.de>
> Betreff: Re: [X2Go-Dev] Bug#34: SSH_OPTIONS_FD
> Hi,
>
> On Di 25 Sep 2012 05:08:19 CEST glpk xypron wrote:
>
> > I am not aware of proxies being contacted over https.
>
> Hmmm... this indeed is true... The feature will mostly be an
> inside-to-outside connection. Hmmm... To get it clear, would we send
> http-proxy authentication strings in cleartext to the proxy server or
> would we send the remote X2Go server credentials to the proxy in
> cleartext.
>
> Sending proxy auth in cleartext probably is common practice (?). Most
> proxy setups do not even need an auth-against-the-proxy.
>
> This feature clearly needs a good documentation so that we do not
> false security alarms on the mailing lists!!!
>
> Mike
>
>
> --
>
> DAS-NETZWERKTEAM
> mike gabriel, rothenstein 5, 24214 neudorf-bornstein
> fon: +49 (1520) 1976 148
>
> GnuPG Key ID 0x25771B31
> mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
>
> freeBusy:
> https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
More information about the x2go-dev
mailing list