Re: Credentials Caching - Security Guy Not Happy

From: Travis P <svn_at_castle.fastmail.fm>
Date: 2004-08-26 01:49:30 CEST

On Aug 25, 2004, at 6:07 PM, Peter Valdemar Mørch wrote:

> Travis P svn-at-castle.fastmail.fm |Lists| wrote:
>> It can lead to something entirely sensible like ssh-agent or AFS
>> tokens.
>
> Well, to be practical for Paul Ossenbruggen, this is a real world
> solution, that works NOW: Use ssh to access the repository instead of
> http. svn co svn+ssh://server/repos/path/

Definitely a good solution that can be deployed today, as long as you
do not need per-path authorization granularity for reads and writes,
something that only the DAV access method provides today. All other
pros-and-cons of the different access methods apply of course. In this
case, the ability to use ssh-agent and avoid on-disk auth caching while
maintaining usability is a strong advantage of svn+ssh access, perhaps
the defining one, but there are tradeoffs.

-Travis

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Aug 26 01:50:24 2004

This message: [ Message body ]
Next message: Tor Ringstad: "Re: branching and switch question"
Previous message: Peter Valdemar Mørch: "Why doesn't "users" have a "Reply-To" header back to the list?"
In reply to: Peter Valdemar Mørch: "Re: Credentials Caching - Security Guy Not Happy"
Next in thread: Paul Ossenbruggen: "Re: Credentials Caching - Security Guy Not Happy"
Reply: Paul Ossenbruggen: "Re: Credentials Caching - Security Guy Not Happy"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]