[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Credentials Caching - Security Guy Not Happy

From: Patrick Smears <patrick.smears_at_ensoft.co.uk>
Date: 2004-08-26 11:42:07 CEST

> > The svn+ssh approach is cool, although we would give up the Active
> > Directory integration. One of the things that is great
> about svn https
> > is that we are using Active Directory which was requested by the
> > security guy. This centralizes access so that we only have
> one place to
> > go when we want to remove access to a resource.
>
> I haven't done it myself, but I'd be surprised if there
> wasn't a way to gat
> PAM (and therefore ssh, and therefore svn+ssh) authenticating
> against the AD.

I was just about to suggest this... I don't have much experience with AD,
but it's certainly fairly easy to have SSH authenticate against an NT
domain... look up the "pam_smb.auth.so" PAM module.

I've set up similar things on Linux and it's not too hard; it might also be
possible with Cygwin but I have no experience with that.

Patrick

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Aug 26 11:42:47 2004

This is an archived mail posted to the Subversion Users mailing list.