-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
I am using X2go broker with SSH proxy to have X2go servers sit behind the broker not directly reachable from the internet. Like this, I need Users have access to ports 443 (usually not a problem) and SSH (very often a problem). Problem is that users tend to sit behind transparent http/https proxies, so SSH won't get out. I would like to see everything being done through HTTPs so we can trick proxies.
Is this going to be implemented in the near future or maybe even already possible somehow?
cheers Mathias -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJSbgt3AAoJEA7RPiZyzgdIIRoP/A4d6rYcYk2NbNW7Zalc5viU u6lDE4KGPl9m7b7TbXs7X30FWGN/1wsyKFo262nrJHUX/UiiWjrIiSlRewxAg2dT AFsiNaLPfQc/GW/nSm0qOdAz/pCBlNTTeNa2HY/K6bOCyzv5kcsuqI8RjDZXV06E /tsvDeD/HR+C8ZHvsnHYDgmn12ftgpS1pJ/P5AM6ATTU3eKDC30OkJ4q46Ykim8W CbrMCDtElEUI3XXi6D33mYWKEAJyrIR10KvFMyZuG4o6E8lq0olT5FCFItyJTV+x i4KJWf/jAM3DDcJFNqICziSnLJcOTGt2PVBe8pZH9uidMVacztoJ0sBlOk/alTe1 nM4zUbToaGA4dwNPgBcJjdmywwXF7rXGqgp8Wm/VJ0u4mobm/NkNbsyWI5Q+TVcO huf250kDaDb8+eqIP23JttKr+FYT3eZ6D5KKIQeYeomgu/zopsPHSFi5gIexQclf 5aT87URNae+efIjayydjyP8DTEFh3Hw1QkdEgJYyfQlgh5lecYdsi+74G8MA3PoI NJpDUPsKtya4gIM3F3fTd3ucxYXXP6Z5qod7pDG6uIEwvImcbT9cbkNidnf01ROE g43lrBrhQ2C3pW2fhQi7skNI4Q2uA1wd1Qq8lPcTxoAl6wY6iS5Wut6aMwyJxmOm z5YtX+C+HkTb7kubtDtP =F+9b -----END PGP SIGNATURE-----
Hi Mathias, Cc: to Heinrich Schuchardt
On Mo 28 Okt 2013 08:00:08 CET, Mathias Ewald wrote:
Hi,
I am using X2go broker with SSH proxy to have X2go servers sit behind the broker not directly reachable from the internet. Like this, I need Users have access to ports 443 (usually not a problem) and SSH (very often a problem). Problem is that users tend to sit behind transparent http/https proxies, so SSH won't get out. I would like to see everything being done through HTTPs so we can trick proxies.
Is this going to be implemented in the near future or maybe even already possible somehow?
cheers Mathias
X2Go Client has a not very well tested patch for HTTPs proxying
(instead of SSH proxying) included. However, this requires a recent
libssh (IIRC >= 5.x) version.
I have also done a quick test against a non-transparent proxy that
does not require authentication. The session startup failed with this
setup. I will Cc: the provider of that patch in this mail.
@Heinrich: you provide this patch [1]. Do you have any clue on the
status of this patch? Does it work in one of your setups?
Greets, Mike
[1]
http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=33c6eeb64f212bc2...
--
DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...
-
Mathias Ewald -
Mike Gabriel