On 10/26/06, M. Edward (Ed) Borasky <> wrote:
Brett Serkez wrote: > While this is being addressed as a technical issue, the proxy server > is presumably used to implement company policy. While you will likely > succeed in circumventing the proxy server, will this put you in > violation of company policy? What might the consequences be if a > threat entered the company network via this circumvention? What will > you say to management if they question why you circumvented the proxy > server? > > Just food for thought....
"Business need" always trumps "security" in my experience. That's why I work in IT Risk Management instead of Data Security. Regardless, here is how my corkscrew is set up to work properly. We have Blue Coat proxies that require authentication (tied to active directory). I have a file called ~/.ssh/jrdepriest.auth that has a single line: proxy_user:proxy_pass (obviously with the actual user name and password) My ~/.ssh/config file has a section ike this: Host ww.xx.yy.zz Connection Attempts 5 ConnectionTimeout 10 Protocol 2,1 LogLevel DEBUG3 ProxyCommand /usr/local/bin/corkscrew proxy.domain.com:8080 %h %p ~/.ssh/jrdepriest.auth When I run ssh [EMAIL PROTECTED], it automatically invokes the corkscrew command which reads my user name and password from the auth file and sends the information to port 8080 on our proxy server (HTTP, not HTTPS or SOCKS or FTP which are also all available). It just works. -Jason -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/