Am 25.09.2012 11:21, schrieb Mike Gabriel:
hi Alex,
On Di 25 Sep 2012 11:13:16 CEST Oleksandr Shneyder wrote:
I don't want to disable any features. I only say, it is nice to have a possibility to send authentication data to server encrypted. In LAN it is not a such big problem to send it in clear text. But in case of SSH-Proxy it is an Internet connection. And I want, that every one, who use this feature with X2Go know, that sending unecrypted data over Internet is not safe. And that should not be the same authentication data as used on other servers.
With SSH proxy support you normally do _not_ send passwords unencrypted.
Manual SSH proxy tunnel: ssh -l<proxy-user> <proxy-host> -L 127.0.0.1:<some-local-port>:<ip-or-host-behind-proxy>:<ssh-port-on-remote-host>
and then an X2Go session to
Hostname: 127.0.0.1 Port: <some-local-port> User: <ssh-user-on-remote-host>
Both SSH authentications do not reveal clear text credentials. So, I am wondering what your SSH proxy strategy will be(?).
I mean SSH over HTTP Proxy with authentication on Proxy-Server with clear text. There is no security problem in case you described.
Greets, Mike
X2Go-Dev mailing list X2Go-Dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-dev
-- Oleksandr Shneyder Dipl. Informatik X2go Core Developer Team
email: oleksandr.shneyder@obviously-nice.de web: www.obviously-nice.de
--> X2go - everywhere@home