[X2Go-Dev] Bug#34: SSH_OPTIONS_FD

Mike Gabriel mike.gabriel at das-netzwerkteam.de
Tue Sep 25 10:12:16 CEST 2012 

Hi Alex, hi Heinrich,

On Di 25 Sep 2012 01:17:56 CEST Oleksandr Shneyder wrote:

> Am 24.09.2012 23:22, schrieb Xypron:
>> Using libssh compiled from
>> http://git.libssh.org/projects/libssh.git/log/?h=v0-5
>> I now can successfully connect via a proxy server to a SSH server.
>> My coding is available at
>> svn co http://www.xypron.de/svn/x2go/x2goclient/branches/proxy/
>>
>> The changes in sshmasterconnection.* and connectionwidget.* are complete
>> to my understanding.
>> In onmainwindow I have only treated one of three entrypoints to
>> sshmasterconnection. E.g. LDAP is not proxy enabled yet.
>> In onmainwindow the proxy password field I introduced possibly should
>> only be shown if a proxy is used and a login provided.
>>
>> Best regards
>>
>> Heinrich
>
> Hello Heinrich,
>
> I've checked your code and it looks good for me. I'll include it in
> master branch soon. You have developed support for HTTP proxy. I'm
> working now on a little more complex case - SSH proxy with
> password/public key authentication. In the future user should be able to
> choose between HTTP and SSH proxy.

Alex, I would be very pleased if you could reuse the sshproxy options  
available in PyHoca-GUI:

usesshproxy (Bool)
sshproxyuser (String)
sshproxykeyfile (Pathname)
sshproxyhost = (String, Host:Port) (example: myhost.somedomain.tld:32032)
sshproxytunnel (String) (example:  
127.0.0.1:22234:<ip-or-host-behind-proxy>:22)

> I have a one notice. In your case HTTP protocol is used for proxy. It is
> mean, that user name and password will be transmitted unencrypted. It
> can follow to security issues. Can you think about HTTPS support? This
> should be not very difficult, as Qt already supports SSL. You can check
> code of HttpBrockerClient class in X2Go Client, which can use HTTPS
> connections.

HTTP should not be available... only HTTPS.

> And one more thing, as I understood, this code work only with recent
> version of libssh. We should think, how can we make it available for
> distributions like squeeze. Such distributions should be also supported
> by X2Go Client.

Let me know what the minimum of a version of libssh is that you need.  
I will see that our Debian and Ubuntu archives have the needed version  
available (unless the distro itself has the proper version).

Greets,
Mike

-- 

DAS-NETZWERKTEAM
mike gabriel, rothenstein 5, 24214 neudorf-bornstein
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20120925/82db6dca/attachment.pgp>

More information about the x2go-dev mailing list