[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: TSVN asks for password over and over and over...

From: Eric Poole <eric_at_rkt-tech.com>
Date: 2007-01-25 21:35:02 CET

At 01:31 PM 1/25/2007, Stefan Kng wrote:

<SK>>>>>As the FAQ explains, you should install pageant. That's a
tool from putty which caches your ssh authentication data during your
logon session.<<<<<

I had tried pageant earlier and for some reason could not get it to
work with passphrase-encrypted key pairs. Worked fine without the passphrase.

Tried it again today and it worked. I don't know why it didn't work
before. I suppose I could have typo'ed the passphrase but I recall
trying it several times and regenerating keys several times.

Oh, well, it's working now. :-)

However, pageant still only seems to cache ssh auth data if using ssh
key pairs. If not using key pairs, i.e. if you let the "password"
dialog box come up and enter in your password, pageant doesn't (seem
to) cache that data... TSVN (or the ssh client) still makes me enter
the password multiple times.

Using ssh key pairs, encrypted with passphrase, solves part of the
problem. The user then as to call up pageant, right click on the
little screen with the hat on it down in the toolbar, and load the
key, providing the passphrase. Then the user can happily check out
and check in and do all kinds of Subversion stuff, until he logs off,
shuts down the computer, or right clicks the pageant icon and selects "Exit".

If the user forgets to exit pageant, though, then his computer is
still effectively connected to the Subversion server and anyone who
walks by can access the repository.

Is there a way around that?

I guess I'm OK with just telling our clients that they have a certain
level of responsibility for their computer security ... we can tell
them what to do, but we can't force them to do it. Then if they walk
away and let someone else access their repository because they didn't
log off or exit pageant, I suppose that's their fault and not ours.

Still vaguely troubling, though... I'd be happier if there was a way
that made it harder for them to get into trouble by forgetting procedure...

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: users-help@tortoisesvn.tigris.org
Received on Thu Jan 25 21:35:10 2007

This is an archived mail posted to the TortoiseSVN Users mailing list.