18 Jan
2006
18 Jan
'06
9:31 a.m.
On Wednesday 18 January 2006 2:03 pm, Anurag wrote:
Sometime on Wed, Jan 18, 2006 at 01:50:46PM +0530, Sanket Medhi
said:
Yes! :) But I think there should be something else in these widely used tools to configure proxy. Storing the username/password in such a way is definitely insecure.
As it is its insecure.
ssh port forwarding to the proxy. No plaintext on the wire.
The user must realise that his credentials are being transported in plain text format over the network. That's why there's no point in giving him/her false sense of security.
For the same reason, fetchmail, gaim, internet dialers.. all store passwords in plain text.
Anurag
__ __gnu /noo/ n. Ox like antelope; (abbr.) /gnoo/ n. (recursive acronym) Gnu's Not Unix.