[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svnserve passwd plaintext

From: Erik Huelsmann <ehuels_at_gmail.com>
Date: 2006-07-15 13:46:47 CEST

On 7/15/06, Nico Kadel-Garcia <nkadel@comcast.net> wrote:
> gmu 2k6 wrote:
> > is there no way to use crypt(), md5(), hashXY(), bcrypt() for password
> > enrires in the passwd file when using svnserve? using mod_dav_svn or
> > tunneling svn via SSH is no option right now.
> > if there really is no way I might fall back to writing a passwd
> > management tool which works with base64 passwords but of course writes
> > them debase64'ed into passwd. this way at I would have to actievely
> > take a peek at passwd to see the passwords.
>
> I've been growsing about that: some folks made it clear that the
> communication over svnserver to handle passwords is actually encrypted, but
> I loathe having plain-text passwords lyng around.

Base64 encoding isn't encrypting: it's merely hiding (as is CVS's
ROT13 method)...

bye,

Erik.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sat Jul 15 13:47:46 2006

This is an archived mail posted to the Subversion Users mailing list.