This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: How to go through a company proxy with ssh ?

On 10/26/06, M. Edward (Ed) Borasky <> wrote:
Brett Serkez wrote:
> While this is being addressed as a technical issue, the proxy server
> is presumably used to implement company policy.  While you will likely
> succeed in circumventing the proxy server, will this put you in
> violation of company policy?  What might the consequences be if a
> threat entered the company network via this circumvention?  What will
> you say to management if they question why you circumvented the proxy
> server?
> Just food for thought....

"Business need" always trumps "security" in my experience. That's why I work in IT Risk Management instead of Data Security.

Regardless, here is how my corkscrew is set up to work properly.

We have Blue Coat proxies that require authentication (tied to active

I have a file called ~/.ssh/jrdepriest.auth that has a single line:
proxy_user:proxy_pass (obviously with the actual user name and password)

My ~/.ssh/config file has a section ike this:
Host ww.xx.yy.zz
 Connection Attempts 5
 ConnectionTimeout 10
 Protocol 2,1
 LogLevel DEBUG3
 ProxyCommand /usr/local/bin/corkscrew %h %p

When I run ssh user@ww.xx.yy.zz, it automatically invokes the
corkscrew command which reads my user name and password from the auth
file and sends the information to port 8080 on our proxy server (HTTP,
not HTTPS or SOCKS or FTP which are also all available).

It just works.


Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]