Re: svn+ssh long-lived daemon

From: Ivan Zhakov <ivan_at_visualsvn.com>
Date: Fri, 20 Nov 2015 18:25:29 +0300

On 20 November 2015 at 17:20, Mark Phippard <markphip_at_gmail.com> wrote:
> I've always felt the same, but now that I've used SSH more (with Git) I kind
> of question it.
>
> Are HTTP client certs much better than passwords? The cert itself still has
> to be physically secured and if you protect the cert with a passphrase then
> you have all of the same cache problems that passwords do.
>
HTTP client certs a slightly better than passwords because evildoer
cannot intercept password over the wire. But on the other hand
connection is already encrypted so even plain-text password is not big
problem.

-- 
Ivan Zhakov

Received on 2015-11-20 16:26:01 CET

This message: [ Message body ]
Next message: Julian Foad: "Re: svn commit: r1715269 - /subversion/branches/1.9.x/STATUS"
Previous message: Mark Phippard: "Re: svn+ssh long-lived daemon"
In reply to: Mark Phippard: "Re: svn+ssh long-lived daemon"
Next in thread: Philip Martin: "Re: svn+ssh long-lived daemon"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]