On Mon, Feb 1, 2010 at 07:17, Nico Kadel-Garcia <nkadel_at_gmail.com> wrote:
> Good morning:
>
> I've got a group that wants to use a Subversion repository in-house,
> but doesn't want to deal with SSH keys. (And the storage of passwords
> in cleartext blocks me from recommending https access, and I don't
> want to deal with plain-text password management for svnserve..
What storage of passwords in cleartext blocks? For HTTP(S), you create
the password with htdigest and it's stored encrypted on the server &
Digest Authentication (not plain-text) is used. On the client, if
you're using Windows, it's stored using the Windows Crypto API, on
MacOS it's stored using Keychain, and on *NIX, you can configure it to
use the secure password "wallets" provided by KDE and GNOME.
For svnserve, yes, you need the password in plaintext on the server
(it'll be encrypted on the client as above, but everything over the
wire is unencrypted), but if HTTP(S) is still an option on the table,
there are plenty of ways to keep things encrypted.
------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2443780
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2010-02-01 14:20:16 CET