This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: How to go through a company proxy with ssh ?
On 10/26/06, M. Edward (Ed) Borasky <> wrote:
Brett Serkez wrote:
> While this is being addressed as a technical issue, the proxy server
> is presumably used to implement company policy. While you will likely
> succeed in circumventing the proxy server, will this put you in
> violation of company policy? What might the consequences be if a
> threat entered the company network via this circumvention? What will
> you say to management if they question why you circumvented the proxy
> server?
>
> Just food for thought....
"Business need" always trumps "security" in my experience. That's why
I work in IT Risk Management instead of Data Security.
Regardless, here is how my corkscrew is set up to work properly.
We have Blue Coat proxies that require authentication (tied to active
directory).
I have a file called ~/.ssh/jrdepriest.auth that has a single line:
proxy_user:proxy_pass (obviously with the actual user name and password)
My ~/.ssh/config file has a section ike this:
Host ww.xx.yy.zz
Connection Attempts 5
ConnectionTimeout 10
Protocol 2,1
LogLevel DEBUG3
ProxyCommand /usr/local/bin/corkscrew proxy.domain.com:8080 %h %p
~/.ssh/jrdepriest.auth
When I run ssh user@ww.xx.yy.zz, it automatically invokes the
corkscrew command which reads my user name and password from the auth
file and sends the information to port 8080 on our proxy server (HTTP,
not HTTPS or SOCKS or FTP which are also all available).
It just works.
-Jason
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/