Re: passwords in subversion

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2004-12-12 15:31:00 CET

On Dec 12, 2004, at 1:04 AM, Daniel Patterson wrote:

>
> Server stores HASH(pw)
>
> Client generates random token, and calculates this:
>
> authstring = HASH(HASH(pw)+token)

IIRC, svnserve is doing CRAM-MD5 right now, which is *almost* the same
thing:

authstring = HASH(pw + token).

>
> Client sends "authstring,token" to server. Server can recalculate
> authstring to verify that the client knew "pw" (or at least,
> HASH(pw)). Neither "pw", nor "HASH(pw)" are ever sent over the
> wire.

And in CRAM-MD5, the server stores cleartext "pw", so it knows that the
client knew "pw". Just like digest auth, the password never travels
over the network in the clear.

>
> If someone can get copies of the hash, then you're still screwed
> (the hash is basically the password), but hopefully, hashes are
> harder
> for people to remember by looking over your shoulder.
>

Agreed. But rather than implement a whole new (almost identical) authn
system, why not just have svnserve store the user-db with a trivial
scramble. It solves the same "over the shoulder" problem, with a lot
less work.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Dec 12 15:35:14 2004

This message: [ Message body ]
Next message: MikeM: "Re: Authentication using UNIX passwords"
Previous message: Michael J. Pawlowsky: "Re: SVN - CVS compatibility"
In reply to: Daniel Patterson: "Re: passwords in subversion"
Next in thread: pat: "Re: passwords in subversion"
Reply: pat: "Re: passwords in subversion"
Reply: kfogel_at_collab.net: "Re: passwords in subversion"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]