Tackling Special Characters in Proxy Passwords on Linux


Here’s a little issue that I’ve been trying to deal with for a while now, but haven’t been able to solve until just recently. When using a Linux distro, such as Ubuntu, behind a proxy server you can sometimes face issues when it comes to user authentication if your username or password contain special characters such as !, #, $, %, &, @, etc.; with the growing popularity of complex password requirements, especially in corporate domain networks, tackling this issue requires a little workaround.

So let’s say that you’re working on a linux distro of some sort, and that you’re connected to a network that has you placed behind a proxy server, which requires user authentication in order to provide you with access to the internet. Also, you are required to, or you just happen to have a complex password that includes special characters as specified above. The usual way to go about this would be to “export” the proxy server settings or to apply them system-wide through the operating system’s settings panel. Where you end up typing in the proxy server path, you will have an entry such as the following:

http://host.domain.com:XXXX/

Where “host.domain.com” represents the URL path of your proxy server, and “XXXX” represents the port number that your proxy server uses to listen to requests. Now, such an entry will simply let the OS and the respective applications know that they need to send a request to this proxy server in order to get access to the internet, however sometimes (and especially in a corporate domain network) you will need to provide some sort of user authentication so that the proxy server can also verify who you are, and not just which information you’re attempting to access. Therefore you will need to append the above entry with your username and password for the domain. Adopting this approach, the above proxy server path will change to the following:

http://username:password@host.domain.com:XXXX/

I don’t believe this new combination requires any further explanation.

So now, how do we add special characters if for instance our password was “12!34@56#”? We cannot just type that password in the above mentioned form, since it will confuse the OS, the network stack and any other application attempting to tokenize this information and make sense out of it.

Going back to HTML and URL encoding, we are restricted to ASCII encoding, which happens to be the exact same issue that we’re facing here. Are you getting where I’m with this?

Well taking this issue into consideration, we can replace the special characters in the example password considered, by their URL encoding equivalent in order to let the system understand that we are indeed using special characters here and not attempting to perform some sort of ancient algorithmic pseudo-satanic ritual. 😛

We can translate the above special characters into their equivalent URL encoding, as follows:

!  →  %21          @ → %40          # → %23

And therefore “12!34@56#”, becomes “12%2134%4056%23”, which then means that our proxy server URL will  be updated to take on the following form:

http://username:12%2134%4056%23@host.domain.com:XXXX/

Following this logic, you will be able to use pretty much any type of character you want in your passwords to make them more and more complex, and all you have to do when you’re entering the path is to substitute those characters with their respective URL-encoded equivalent.

For a full list of URL-encoding translations, refer to this reference sheet straight from the W3 Schools site.

From all of this we come to see that Linux distro’s are not very graphics-driven operating systems, even though they have been evolving immensely in that manner recently, we can clearly see that they still have a few nicks and knacks to cover in order to truly become fool-proof mainstream user operating systems, so-to-speak.

Advertisements

8 thoughts on “Tackling Special Characters in Proxy Passwords on Linux

  1. I’ve tried to URL encode my proxy username, but it does not work, on Ubuntu 12.04. The username uses the @ character, but replacing it with %40 does not work. It does work with regular usernames, but not with this one.

    Regards,

    Jorge

    Like

    1. Jorge, what is your username if you don’t mind me asking? Because I’m not aware of directory services allowing usernames to have special characters such as the ‘@’ sign.

      Like

      1. Hi Johnny,

        The username for proxy authnetication is: reg.arhnorte@arhnorte.pt
        If it seems complicated, imagine the password…

        But it works, in a very mixed environment of users, openration systems and browsers. I just set the proxy host and port, and the browser asks for the authentication. But I would like to set the environment variables with the username:password@proxy syntax.

        Regards,

        Jorge

        Like

      2. Hey Jorge, try putting just reg.arhnorte as your username; the rest of it (the @arhnorte.pt part) is your domain identifier and not part of your actual username.

        Try that out and let me know if it works for you. 🙂

        Like

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s