Wez Furlong

We don't currently support TLS or auth in our Socks5 client implementation, so this enhancement is for both the client and the proxy to develop both TLS and Socks5 authentication.

As it stands today, you can either: * Use `bootstrap_via_ssh` to bootstrap the trust between client and server, and have wezterm internally generate a certificate for the client to use....

`wezterm cli tlscreds` is an implementation detail used by the bootstrap logic, so it doesn't have a way to expose the data. I suppose that it could offer a `--json`...

If that flag was added, in your docker container, when you start the mux server, you would run `wezterm cli tlscreds --json` and then parse the output and save the...

Yeah, wezterm is essentially doing that for you. I've pushed the `--pem` option. You'll want to do something like: ```console $ wezterm cli tlscreds --pem > /dev/shm/creds.pem ``` then securely...

if you're connecting directly from the host machine into the container running inside the host you can perhaps be less paranoid and maybe just simplify that to a `docker exec...

(I have not tested trying to use the result of this in this way, but I think there's an 80% chance that it will work without me having to dig...

> @wez it seems there might be an issue with headers rewriting in the Rust. Or maybe I don't understand the original logic... > > ```diff > --- a/crates/kumod/src/smtp_server.rs >...

If I can be frank, the docs for the CLI are particularly light on meaningful detail. While they appear to have a list of all of the possible options but...

my perception is that this command doesn't work as advertised by its help; the repo needs to be mounted in the first case. In the second case, I would like...