[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn+ssh long-lived daemon

From: Ivan Zhakov <ivan_at_visualsvn.com>
Date: Fri, 20 Nov 2015 18:25:29 +0300

On 20 November 2015 at 17:20, Mark Phippard <markphip_at_gmail.com> wrote:
> I've always felt the same, but now that I've used SSH more (with Git) I kind
> of question it.
>
> Are HTTP client certs much better than passwords? The cert itself still has
> to be physically secured and if you protect the cert with a passphrase then
> you have all of the same cache problems that passwords do.
>
HTTP client certs a slightly better than passwords because evildoer
cannot intercept password over the wire. But on the other hand
connection is already encrypted so even plain-text password is not big
problem.

-- 
Ivan Zhakov
Received on 2015-11-20 16:26:01 CET

This is an archived mail posted to the Subversion Dev mailing list.