[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: [PATCH] Obfuscate auth info

From: Fernandes, Filipe (Bolton) <ffernandes_at_husky.ca>
Date: 2006-10-18 15:30:30 CEST

James Courtier-Dutton wrote:
> Why not interface with ssh-agent, and get ssh-agent or an ssh-agent type
> program to store the passwords. Then, the passwords are lost at each
> reboot, and do not enter any backup tapes, so are only stored in memory
> for the duration of the session.

I haven't considered using the svn-ssh approach so my argument may just have
been shot down but we're quite fond of using https especially with how easy
it is to overcome firewall issues (more like dev vs. operation (human)
issues with opening up the firewall) and with how quickly we can access data
using a browser.

I'm always using the '--no-auth-cache' command line parameter myself
(although this is such a pain). SVN on windows seems to take advantage
of windows facilities to encrypt the password. I imagine that on the
BSD/Linux side, services like this aren't so 'universal' (I'm not sure of
that but not meant to be a crack at Linux, Love Linux ;).

filipe

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Oct 18 15:30:51 2006

This is an archived mail posted to the Subversion Dev mailing list.