Re: ssh based access?

From: Peter Mathiasson <peter_at_mathiasson.nu>
Date: 2002-04-18 20:15:05 CEST

On Thu, Apr 18, 2002 at 01:35:53PM -0400, Scott Lenser wrote:
> machine to be encrypted. It could just be my general lack of understanding of
> exactly how certificates are done, but I gave up after I add made what I thought
> was a valid certificate and compiled apache with ssl support and then went to
> try it and got nothing. Non-ssl connections could be used fine. I think any

Subversion does not yet support verification of certificates, so using
ssl (directly) with it is quite useless. If you need SSL right now, I
would recommend tunneling it using stunnel (www.stunnel.org).

I've never tried Apache's SSL support using client side certificates, so
I have no idea if that's working.

Currently, with all this new software I tunnel it through stunnel and
check client side certificates. That way apache/svn/ is not exposed to
the internet, just to clients who can provide a valid certificate.

-- 
Peter Mathiasson, peter at mathiasson dot nu, http://www.mathiasson.nu
GPG Fingerprint: A9A7 F8F6 9821 F415 B066 77F1 7FF5 C2E6 7BF2 F228

application/pgp-signature attachment: stored

Received on Thu Apr 18 20:16:22 2002

This message: [ Message body ]
Next message: Greg Stein: "Re: ssh based access?"
Previous message: Garrett Rooney: "Re: ssh based access?"
In reply to: Scott Lenser: "Re: ssh based access?"
Next in thread: Greg Stein: "Re: ssh based access?"
Reply: Greg Stein: "Re: ssh based access?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]