Re: Re: [Feature request] remember password for ssh+svn

From: Daniel Atallah <daniel.atallah_at_gmail.com>
Date: Tue, 15 Dec 2009 18:50:53 -0500

On Mon, Dec 14, 2009 at 21:42, naox <spamik_at_yum.pl> wrote:
> Its not difficult - TortoiseSVN must just call TortoisePlink.exe with -pw <pass> (pass is cached password). I know it can be put in settings/network/ssh but that way you have one password for all svn+ssh sessions.
> If for some reason this is not apropriate/secure (like sniffing out process list by other system users) I guest one must modify TortoisePlink.exe. I assume its called TortoisePlink.exe not Plink.exe for that reason...
> Besides why on earth soft could not automaticly paste cached password in terminal. Protocol have nothing to do with this. Its just a keyboard interactive authentication.

It's called "Keyboard Interactive Authentication" for a reason (and
what you're asking for is certainly not keyboard interactive).

There is a standard (and secure) way to perform SSH authentication
using cached credentials; introducing a security hole by storing the
actual password because you're too lazy to set up a keypair (a
remedial task) is a really bad idea.

-D

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2430683

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2009-12-16 00:50:58 CET

This message: [ Message body ]
Next message: Dinh: "TortoiseSVN 1.6.6 blocked on stale network connection"
Previous message: Dave Huang: "Re: Question about merging"
In reply to: naox: "RE: Re: [Feature request] remember password for ssh+svn"
Next in thread: naox: "RE: [Feature request] remember password for ssh+svn"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]