[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: using (or coding support for) encrypted passwords

From: Malcolm Rowe <malcolm-svn-dev_at_farside.org.uk>
Date: 2006-10-27 01:53:47 CEST

On Mon, Oct 23, 2006 at 11:55:56AM +0200, Alexis Huxley wrote:
> > > Is there any way to use encrypted passwords in <repo>/conf/passwd
> > > instead of plaintext?
> And for the server side? Is any reason for not encrypting the passwords
> there? If not, is this something planned? Is it a bite-size problem?
>

This is partly the same as the client problem -- there's no global
Keychain-like service that we can rely on.

Additionally, though we could use {ROT13, CryptoAPI, Keychain} storage
on the server side, we'd need a utility to manage those passwords.

The 'right' answer might well be to use a SASL-enabled server - you can
then use whatever secure password storage that you have available.

Regards,
Malcolm

  • application/pgp-signature attachment: stored
Received on Fri Oct 27 01:54:04 2006

This is an archived mail posted to the Subversion Dev mailing list.