I noticed at my customer's organisation that there is a proxy breaking the https flow. Certificates do not belong to the https web site, but to the organisation itself. They are using it for scanning data and avoid viruses and guess other things.
I provide some cloud services, which I manage through Shell in a Box: an Ajax terminal emulator, over https. Obviously, the passwords I use will be read in clear text thanks to the proxy.
How can I avoid this weakness? Could we imagine to implement end-to-end encryption at Shell in a Box level?