[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: WG: Question about SSH

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2005-03-30 16:35:20 CEST

On Mar 30, 2005, at 8:28 AM, Andreas Schoe wrote:

>
>
> -----Ursprüngliche Nachricht-----
> Von: Andreas Schoe [mailto:andi@gfz-potsdam.de]
> Gesendet: Mittwoch, 30. März 2005 10:14
> An: 'Ben Collins-Sussman'
> Betreff: AW: Question about SSH
>
> I think so, that the passwords are passed in plaintext over the
> network with
> the svn protocol but not with ssh.

No, that's not true. If you access via svn://, then passwords are
*not* passed in the clear over the network. It's using CRAM-MD5
authentication; read about it in chapter 6 of the book. In order to
not pass cleartext passwords, however, the server needs to have the
cleartext password on disk in a user-database.

If you access via svn+ssh://, then no part of subversion is doing
authentication at all. SSH is handling all authentication, which means
no cleartext passwords over the network, and you're using either system
accounts or ssh keys.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Mar 30 16:38:15 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.