使用cmd中的设置http_proxy保护凭据
[英]Securing Credentials with set http_proxy in cmd
问题描述
I was trying to install Rubygems on my Windows 7 machine and had to authenticate myself with a corporate proxy server. 
我试图在Windows 7计算机上安装Rubygems,并且必须使用公司代理服务器进行身份验证。 I saw several people on various forums with the same problem, and the common solution seemed to be 我在各个论坛上看到几个人都遇到相同的问题,而共同的解决方案似乎是
set http_proxy=http://username:password@www-domain.com:80
While this did work for me and allowed me to download the Rubygems that I needed, I spoke with a security professional about the security of typing the password in plaintext like that, and he did a packet capture with Wireshark and was able to see my credentials. 尽管这确实对我有用,并允许我下载所需的Rubygems,但我与一位安全专家讨论了以这种方式以纯文本形式键入密码的安全性,并且他使用Wireshark进行了数据包捕获并能够查看我的凭据。 Is there a way to pass credentials in securely through the command line? 有没有办法通过命令行安全地传递凭据? I know that a lot of other Ruby developers at my company would like to download gems and need a way to authenticate themselves, but I'd prefer to find a secure solution before I help anyone else out. 我知道我公司的许多其他Ruby开发人员都想下载gems,并且需要一种对自己进行身份验证的方法,但是我希望在帮助他人之前先找到一个安全的解决方案。
1 个解决方案
解决方案1
1 已采纳 2015-06-05 19:08:46
No, because you connect with http to your proxy, the crendials will be send in cleartext by design. 不可以,因为您使用http连接到代理服务器,所以凭据将按设计以明文形式发送。
If your company cares about security, you should connect via https:// to your http proxy. 如果您的公司关心安全性,则应通过https://连接到http代理。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.