RE: Credentials Caching - Security Guy Not Happy

From: Patrick Smears <patrick.smears_at_ensoft.co.uk>
Date: 2004-08-26 11:42:07 CEST

> > The svn+ssh approach is cool, although we would give up the Active
> > Directory integration. One of the things that is great
> about svn https
> > is that we are using Active Directory which was requested by the
> > security guy. This centralizes access so that we only have
> one place to
> > go when we want to remove access to a resource.
>
> I haven't done it myself, but I'd be surprised if there
> wasn't a way to gat
> PAM (and therefore ssh, and therefore svn+ssh) authenticating
> against the AD.

I was just about to suggest this... I don't have much experience with AD,
but it's certainly fairly easy to have SSH authenticate against an NT
domain... look up the "pam_smb.auth.so" PAM module.

I've set up similar things on Linux and it's not too hard; it might also be
possible with Cygwin but I have no experience with that.

Patrick

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Aug 26 11:42:47 2004

This message: [ Message body ]
Next message: Anthony Metcalf: "svn+ssh in windows."
Previous message: Max Bowsher: "Re: Credentials Caching - Security Guy Not Happy"
Maybe in reply to: Paul Ossenbruggen: "Credentials Caching - Security Guy Not Happy"
Next in thread: Patrick Smears: "RE: Credentials Caching - Security Guy Not Happy"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]