In our company network I have to use a proxy for FTP.
Furthermore I am not allowed per company policy to store any password on the local disk.
Our proxy authenticates users by mingling the authentication information for the proxy into that of the FTP server:
USER username@proxyusername@hostname
PASS password@proxypassword
In principle WinSCP 4.2.8 supports this. However, it expects the proxy password to be stored in the session settings.
If I leave both server password and the proxy password empty then I am only asked for one password.
I set up a dummy proxy (netcat -L) and looked at the data WinSCP was sending. When WinSCP asked for a password I entered "dummypw"
This is what I was seeing at my mockup proxy:
connect to [127.0.0.1] from localhost [127.0.0.1] 55486
220 Hi
USER anonymous@proxyuser@ftp.de.kernel.org
331 Enter password
PASS dummypw@
It looks like the password I had entered was used as the server password. A '@' was appended presumably followed by the preconfigured proxy password, which was, however, blank in this case.
I tested this hypothesis by configuring a proxy password ("dummyproxypw") in the settings:
connect to [127.0.0.1] from localhost [127.0.0.1] 55603
220 Hi
USER anonymous@proxyuser@ftp.de.kernel.org
331 Enter password
PASS dummypw@dummyproxypw
Here the proxy password was given to the proxy as it should. This would have worked.
However, I am not allowed to store the proxy password on the disk.
Diving into the settings everytime I want to connect to a server is possible but complicated.
Why not have a dialog that asks for a proxy password if that field is empty?