How to configure VS Code to remember proxy settings (Windows) - visual-studio-code

I'm a little bit fed up of this window:
I checked the configuration and I added the proxy URL to the http.proxy entry as described here:
"http.proxy": "http://frustratedusername:password#pesky.proxy.com:8080/"
But it didn't work. Then, I tried setting the http_proxy and https_proxy environment variables, but it didn't work neither.
Is there any way to make VS Code remember the proxy settings?

Remembering proxy credential should now be supported, since VSCode 1.51 (Oct. 2020), and confirmed with VSCode 1.52 (Nov. 2020)
Remember proxy credentials#
We are overhauling the login dialog that shows when a network connection requires authentication with a proxy.
A new setting, window.enableExperimentalProxyLoginDialog: true, will enable this new experience that we plan to make the default in a future release.
Theme: GitHub Light
The dialog will appear inside the VS Code window and offer a way to remember the credentials so that you do not have to provide them each time you start VS Code.
Credentials will be stored in the OS standard credential store (keychain on macOS, Windows Credential Manager on Windows, and gnome keyring on Linux).
We still only show this dialog once per session, but might revisit this decision in the future. You will see the dialog appear again in case the credentials you selected to be remembered are not valid. Providing them again allows you to change them.

I tried with proxy switch in the command itself.
Something like this and it worked for me:
node-gyp configure --proxy=http://proxy.server.name:port

Tried with this install nodejs package.
then open command prompt and enter npm commands.
set the proxy using below commands
npm set proxy http://name:password#gtpproxy.proxy.com:8080
npm set https-proxy http://name:password#gtpproxy.proxy.com:8080
npm config set strict-ssl false -g
Note:
Replace name with email
Replace password with the actual password
Replace gtpproxy with the proxy address of the location.

You will have to URL-encode your username and/or password. For example, if your username contains a domain, like e.g. DOMAIN\username, you'll have to URL-encode the backslash. Thus, you need to use DOMAIN%5Cusername. The same goes for your password, URL-encode each and every non-ascii character.

Related

How to set preferred Kerberos/GSSAPI library in ssh config file?

I can connect to a remote host using Kerberos in PuTTY on Windows 10, but I cannot do the same thing in VS Code.
In PuTTY, there is a setting (see below) that specifies the order of GSSAPI libraries:
Since this answer states that Windows "has two Kerberos libraries (MIT KfW & Windows SSPI)", I suspect that VS Code is not defaulting to the correct, MIT Kerberos GSSAPI64.DLL library.
But I can't seem to find any answers online that shows how to specify the preference or order of such libraries in my ssh config file.
Any suggestions are welcome! Thanks in advance.
There is no way to do that.
When VSCode makes an SSH connection, it normally uses the ssh.exe program from OpenSSH rather than using PuTTY.
PuTTY has been deliberately written to load the libraries on the fly (to avoid the .exe having any hard dependencies), so its ability to configure the library paths is there "for free". That's not the case for OpenSSH, however, or even most other Kerberos-using programs – ssh.exe is "hard" linked to one specific library at compile time; it can dynamically load PKCS#11 backends but hasn't been programmed to dynamically load GSSAPI backends.
In addition, Windows SSPI actually provides a different API from that of GSSAPI – the core concepts and flows are the same, but the function names and prototypes differ quite a bit. Again, PuTTY supports both only because it was deliberately written to do so. Standard OpenSSH would only support GSSAPI, and while Microsoft has patched the "in-box" Win32-OpenSSH to use SSPI, it is still one or the other – you can't really make the Windows ssh.exe load MIT libgssapi instead.
There are several workarounds, though:
You can try installing a different OpenSSH build for Windows that does use GSSAPI from MIT Kerberos; perhaps either Cygwin OpenSSH, or the MSYS OpenSSH that's included with Git could work (if it has GSSAPI support at all).
You can try configuring VSCode to run PuTTY's command-line SSH client plink.exe instead of ssh.exe. This likely won't work for interactive shell sessions, but might be able to handle non-interactive ones (such as VSCode Remoting).
You can try using Windows SSPI, as it does not actually require domain membership to work as a Kerberos client – it's enough to save your Kerberos credentials in Windows:
cmdkey /add:*.example.com /user:sam#EXAMPLE.COM /pass
Note that if the realm is not running Active Directory, you also need to mark it as a "MIT realm" as an Administrator (the presence of a "realm flags" setting – even an empty one – is needed to prevent Windows from doing AD-specific Netlogon probes):
ksetup /addrealmflags EXAMPLE.COM TcpSupported
With the password stored, enabling GSSAPIAuthentication yes in your ~.ssh\config will allow Windows OpenSSH (as well as PuTTY with SSPI) to connect using Kerberos to any host matching the specified *.example.com.

How do I set the default browser for xdg-open on Centos 7 if xdg-settings has no desktop environment

There are many questions similar to mine (e.g. xdg-open not open default browser or xdgutils - xdg-settings not setting default-web-browser in gentoo, but none of the answers helped in my case. Therefor I ask for my particular situation:
On Centos 7 I have no free desktop manager running, I just run some X11 applications (like VS Code) from the command line where the DISPLAY variable is set to the X server on the (Windows) machine I connect from.
On the Centos machine I have two browsers installed, firefox and google-chrome. I can start both browsers just by typing firefox resp. google-chrome in the bash terminal.
xdg-open is available and it opens links in google-chrome - as does VS Code. However I want to change this to firefox.
I tried:
Ticking "Default browser" in Firefox's GUI preferences.
Using xdg-settings, but
xdg-settings get default-web-browser
returns "xdg-settings: unknown desktop environment"
Setting $BROWSER. In bash I issued
export BROWSER=firefox
but still google-chrome is started by xdg-open
How can I set in this environment the default browser to firefox?
Note: Strangely on another machine with Centos 6 (and "no desktop environment" either) the export BROWSER method works!
The desired behavior can be set in the mimeapps.list configuration files described in the XDG MIME Applications specification.
TLDR:
In order to configure firefox as the default browser for your user create ~/.config/mimeapps.list containing the following lines:
[Default Applications]
x-scheme-handler/http=firefox.desktop
x-scheme-handler/https=firefox.desktop
x-scheme-handler/ftp=firefox.desktop
x-scheme-handler/chrome=firefox.desktop
text/html=firefox.desktop
application/x-extension-htm=firefox.desktop
application/x-extension-html=firefox.desktop
application/x-extension-shtml=firefox.desktop
application/xhtml+xml=firefox.desktop
application/x-extension-xhtml=firefox.desktop
application/x-extension-xht=firefox.desktop
Details:
xdg-utils like xdg-open(1) and xdg-mime(1) look for this file in the locations listed under the File name and location section of this specification:
$XDG_CONFIG_HOME/$desktop-mimeapps.list user overrides, desktop-specific (for advanced users)
$XDG_CONFIG_HOME/mimeapps.list user overrides (recommended location for user configuration GUIs)
$XDG_CONFIG_DIRS/$desktop-mimeapps.list sysadmin and ISV overrides, desktop-specific
$XDG_CONFIG_DIRS/mimeapps.list sysadmin and ISV overrides
$XDG_DATA_HOME/applications/$desktop-mimeapps.list for completeness, deprecated, desktop-specific
$XDG_DATA_HOME/applications/mimeapps.list for compatibility, deprecated
$XDG_DATA_DIRS/applications/$desktop-mimeapps.list distribution-provided defaults, desktop-specific
$XDG_DATA_DIRS/applications/mimeapps.list distribution-provided defaults
The locations for the $XDG variables are governed by the XDG Base Directory specification. If you want to figure out where xdg-utils are looking for configuration in your particular case, run them with the XDG_UTILS_DEBUG_LEVEL environment variable like so:
$ XDG_UTILS_DEBUG_LEVEL=10 xdg-open 'https://www.example.com'
...
Checking /home/USERNAME/.config/mimeapps.list
...

Location Specific Github Proxy

I have a work laptop that resides between a painful corporate proxy during the day. When I'm at home, I don't have to worry about a proxy unless I VPN in.
Is there a way to set-up an automatic github proxy, such that if I'm at work it'll use the corporate proxy, and if I'm at home, it'll remove proxy settings?
Or perhaps a way that attempt 1 is made with a proxy, and attempt 2 is made without?
Thanks for any suggestions!
You can set it manually through pre-defined scripts/functions, as described here:
See nwinkler/bash-it/plugins/available/proxy.plugin.bash
"When working from the office (where I have to use a proxy), I simply call enable_proxy, and when working from home, I call disable_proxy", as detailed here.
You could wrap this in a test, which tries a curl without and then with HTTP(S)_PROXY variable, in order to see which call is successful.
On Linux, that test could be part of your .bashrc, which would allow any new shell session to open itself with the right settings set or not.

Kerberos: kinit on Windows 8.1 leads to empty ticket cache

I installed Kerberos for Windows on a new set-up Windows 8.1 machine.
Domain: not set
Workgroup: WORKGROUP
I edited the krb5.ini file in C:\ProgramData\MIT\Kerberos5 directory like this:
[libdefaults]
default_realm = HSHADOOPCLUSTER.DE
[realms]
HSHADOOPCLUSTER.DE = {
admin_server = had-job.server.de
kdc = had-job.server.de
}
After a restart, I made a kinit -kt daniel.keytab daniel to authenticate me against the Realm via console. Also getting a ticket by user and password via the Kerberos Ticket Manager seems to work fine, as the ticket is shown in the UI.
What I'm wondering about is, that when I call a klist I get an empty list back, which says something like cached tickets: 0:
This seems not normal to me, as my Ubuntu computer shows valid tickets by klist after a kinit.
What am I doing wrong? Is there some more configuration to do? Sometimes I read about a ksetup tool, but I don't know which settings here are neccessary and which not...
============================================================
After I set
[libdefaults]
...
default_ccache_name = FILE:C:/ProgramData/Kerberos/krb5cc_%{uid}
in my krb5.conf, the kinit command via console and via Kerberos Ticket Manager creates a file in the specified path. So far everything looks good.
But: The kinit command creates tickets with very different file names (long vs. short), depending if I run the console as "admin" (short name) or not (long name), see the screenshot below. The Kerberos Ticket Manager only shows one of the tickets:
If run as admin:
Shows the ticket I created via admin console
Creates ticket files with short file names
If run as normal:
Shows the ticket I created via "normal" console
Creates ticket files with long file names
The klist command still doesn't show the cached tickets, independent if console was opened as admin or not.
The MIT Kerberos documentation states that...
There are several kinds of credentials cache supported in the MIT
Kerberos library. Not all are supported on every platform ...
FILE caches are the simplest and most portable. A simple flat file format is used to store one credential after another. This is the
default...
API is only implemented on Windows. It communicates with a server process that holds the credentials in memory... The default
credential cache name is determined by ...
The KRB5CCNAMEenvironment variable...
The default_ccache_name profile variable in [libdefaults]
The hardcoded default, DEFCCNAME
But AFAIK, on Windows the hard-coded default cache is API: and that's what you can manage with the UI. kinit also uses that protocol by default.
I personally never could use klist to use that protocol, even with the "standard" syntax i.e. either
  klist -c API:
or
  set KRB5CCNAME=API:
  klist
On the other hand, if you point KRB5CCNAME to a FILE:***** then you can kinit then klist the ticket; but it will not show in the UI and will not be available to web browsers and the like.
If klist command doesn't show the keys even after setting environment variable like KRB5CCNAME (i.e. set KRB5CCNAME=C:\kerberos_cache\cache\krb5cache, its a file not a directory. You'll have to create parent directory manually), then chances are that the klist command that you're running is not from MIT Kerberos Windows installation in C:\Program Files\MIT\Kerberos\bin but rather the klist command from Windows itself in C:\Windows\system32.
You can check that out by running which klist if you have cygwin tools. In this case, simplest solution is to copy klist.exe into MIT Kerberos installation's bin directory as a new file i.e. klist_mit.exe. Cache entries should be shown if you run klist_mit command.

Eclipse Luna Not Storing Proxy Authentication Username and Password

I'm trying to get Eclipse Luna (on Debian 8) to connect to the Internet via a WiFi proxy that requires authentication. I am able to set the proxy host, port, username and password after which I apply the settings and close the dialog. The next time I open it, it does not have the username and password settings, although the host and port are retained correctly. The Active Provider is set to Manual as required.
For some reason, it doesn't seem to be saving the authentication details and I'm not able to connect to the Internet.
Is this a bug or I'm I doing something wrong?
Also, in what file does Eclipse store the proxy settings? Maybe I can go in there and make the changes directly if this is a GUI problem.
Edit: A look at the Error Log gives a vital clue. It says: No secure storage modules found.
I worked around this issue by adding the proxy settings to the eclipse.ini file as specified in this SO post.
-vmargs
-Dorg.eclipse.ecf.provider.filetransfer.excludeContributors=org.eclipse.ecf.provider.filetransfer.httpclient4
-Dhttp.proxyHost=*myproxyhost*
-Dhttp.proxyPort=*myproxyport*
-Dhttp.proxyUser=*proxy username*
-Dhttp.proxyPassword=*proxy password*
-Dhttp.nonProxyHosts=localhost|127.0.0.1