Hello Mike, in enterprise settings it is good practice to require authentication at the proxy to be able to be able log which user is doing what.
Best regards Heinrich -------- Original-Nachricht -------- > Datum: Tue, 25 Sep 2012 10:25:25 +0200 > Von: Mike Gabriel <mike.gabr...@das-netzwerkteam.de> > An: glpk xypron <xypron.g...@gmx.de>, 3...@bugs.x2go.org > CC: Oleksandr Shneyder <oleksandr.shney...@obviously-nice.de> > Betreff: Re: [X2Go-Dev] Bug#34: SSH_OPTIONS_FD > Hi, > > On Di 25 Sep 2012 05:08:19 CEST glpk xypron wrote: > > > I am not aware of proxies being contacted over https. > > Hmmm... this indeed is true... The feature will mostly be an > inside-to-outside connection. Hmmm... To get it clear, would we send > http-proxy authentication strings in cleartext to the proxy server or > would we send the remote X2Go server credentials to the proxy in > cleartext. > > Sending proxy auth in cleartext probably is common practice (?). Most > proxy setups do not even need an auth-against-the-proxy. > > This feature clearly needs a good documentation so that we do not > false security alarms on the mailing lists!!! > > Mike > > > -- > > DAS-NETZWERKTEAM > mike gabriel, rothenstein 5, 24214 neudorf-bornstein > fon: +49 (1520) 1976 148 > > GnuPG Key ID 0x25771B31 > mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de > > freeBusy: > https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb _______________________________________________ X2Go-Dev mailing list X2Go-Dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-dev
