Open greskom opened 8 months ago
rofl0r
commented
8 months ago this mechanism appears to be very complex. if someone is interested in implementing this, m$ provides some example code and test data here: https://learn.microsoft.com/en-us/previous-versions/ms995331(v=msdn.10)
greskom
commented
8 months ago Maybe as a first step kerberos only support would be sufficient. The kerberos probably is not so complex as NTLM is. We have squid with kerberos auth here, so no need for NTLM.
greskom
commented
8 months ago The curl implements SPNEGO when using --negotiate parameter. Maybe this could be used as an inspiration?
rofl0r
commented
8 months ago it's hard to develop stuff for systems you don't have access to. if you can describe how to setup a test environment, it's more likely someone interested shows up and implements your feature. personally, i've never come across a socks server implementation with GSSAPI support, probably because it's so complex despite having "simple" in the name.
greskom
commented
8 months ago You can setup kerberos using this guide: https://fedoraproject.org/wiki/Infrastructure/Kerberos Then make squid to authenticate against kerberos: https://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos
Hello,
would it be possible to add SPNEGO Authentication to proxychains-ng? We are behind proxy requesting SPNEGO authentication using kerberos.
Thanks
Marek