[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Alternatives for remote access?

From: Robert W Anderson <rwa_at_alumni.princeton.edu>
Date: 2002-08-30 09:26:39 CEST

Justin Erenkrantz wrote:

>I think you have the right idea, but let me rephrase it slightly to
>make it clearer:
>
>1) From your local machine, you log in to your ssh-only server.
>2) When you login, you create a 'tunnel' that connects your local
> machine's port 8888 to the remote machine's port 8888.
>3) From your local machine, you run "svn co http://localhost:8888/"
>4) The connection on local port 8888 will really connect to the
> remote machine's port 8888 (which has Apache httpd with a SVN
> install running).
>
As long as that connection to port 8888 "to the server" happens "from
the inside," and actually comes in remotely through the port sshd is
listening on, then I understand, and it should work.

>>However, I would suspect that running apache ("a server") at all is a
>>security violation where I work, since users are not trusted (and
>>rightly so) to configure it appropriately for secure use. Indeed I find
>>no trace of it in my originally RedHat distribution
>>
>
>I've heard rumours that Apache 2.0 will be included in the next
>RedHat release. -- justin
>
What I meant was that our security folks had wiped any and all web
servers off our distributions. But it is sounding more like the problem
has been reduced to one of convincing the powers that be that this is no
less secure than any other instance of ssh.

Bob

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Aug 30 09:27:00 2002

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.