[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Request: Kerberos/GSSAPI/SSPI and TortoisePlink in TortoiseSVN, TortoiseGIT and TortoiseHG too?

From: jonathan d p ferguson <jdpf.plus_at_gmail.com>
Date: Thu, 3 Mar 2011 02:34:28 -0500

hi.

Awesome TortoiseSVN devs:

Thank you for creating such an awesome product. It sees thousands of hours of use where I teach. :-)

I've been following the thread of Kerberos/GSSAPI integration into the PuTTY suite for some time now. There have been a number of ports by various people that work. I noticed today (in revisiting the thread) that basic support for Kerberos was added in r8952. Lest I'm mistaken, it appears that the last time TortoisePlink synched was at r8934, aka PuTTY version 0.59. The current revision for PuTTY is r9117, though I am unaware of any imminent 0.61 release from the PuTTY developers.

I searched the TortoiseSVN developer's list archive/forum for related topics and didn't see anything recent on this topic. I have not attempted to update this tree myself, though I can authenticate over Kerberos/GSSAPI with my own build of PuTTY/Plink r9117. My past attempts to use a different Plink executable (ie, Plink with GSSAPI support) with TortoiseSVN were too shaky for deployment.

Could you please investigate the possibility of updating the Plink submodule? As the PuTTY developers haven't yet blessed a release, I'm not 100% sure that GSSAPI support is "ready," but it bears asking. Adding such support infers a dynamically linked dependency on the relevant Kerberos provider libraries (GSSAPI/SSPI). That linkage is now handled by PuTTY/Plink itself.

If this feature enters Tortoise{SVN,GIT,HG}, users of Kerberos/GSSAPI/SSPI authentication will thank you. :-) I notice that Kerberos/SSPI appears to be handled by libneon when authenticating over HTTPS. It would be most excellent if a similar capability was supported for SSH.

The user story here is:

"A user of Tortoise{SVN,GIT,HG} would like to authenticate against an SSH-based {SVN,GIT,HG} server using Kerberos/GSSAPI/SSPI such that if she has current credential tickets (and the server is authorized against the kdc) she will not need to type a password to access the repository behind the SSH service."

Thoughts?

Many Thanks!

have a day.yad
jdpf

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=757&dsMessageId=2709187

To unsubscribe from this discussion, e-mail: [dev-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-03-03 08:41:26 CET

This is an archived mail posted to the TortoiseSVN Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.