Ben Collins-Sussman wrote:
> Andy Helten wrote:
>
>>
>
>> All of this implies (to me anyway), that user 'harry' must have a
>> system account. Am I missing something?
>
>
> Yes. Chapter 6 explains there are two ways of invoking svnserve:
>
> 1. running svnserve as a daemon, and using its own built-in
> authentication (CRAM-MD5) and private passwd file. No need for system
> accounts. This is what svn:// urls are all about.
>
> 2. having svn clients run 'ssh remotehost svnserve', then talking to
> the temporary svnserve process over the ssh tunnel. Users must have
> ssh (system) accounts. This is what svn+ssh:// is all about.
>
> Read chapter 6 closely... these are separate methods of using svnserve.
>
I did read it, about 4 times. I guess my assumption was that the svn://
access method did not encrypt the repository _data_ (did not find this
explicitly described in the book). Am I wrong here? I understand
authentication is secured by CRAM-MD5, but that doesn't imply the
subsequent repository transfer is secure. Is it? If not, these access
methods are hardly equivalent in terms of security.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jul 30 01:25:31 2004