[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn authentication

From: Mark Phippard <markp_at_softlanding.com>
Date: 2006-08-30 20:53:56 CEST

"Jim Weir" <javawaba@hotmail.com> wrote on 08/30/2006 02:27:18 PM:

> > > Perfect,
> > >
> > > ...now if I want to get rid of 'root' all I need to do is add a
liniux
> > > user/group and add it to the passwd file? Is that right?
> > >
> > > [users]
> > > svn = svnpassword
> >
> >The usernames in this file have no relationship to the OS or any other
> >authentication system. You also cannot reference groups.
> >
> >Basically, you just add usernames and password for the users that need
to
> >use the product.
> >
> >Mark
> >
>
> Is this password being sent plain text?

No, it uses CRAM-MD5. As I understand it, that is why the server needs to
have the plaintext password.

> What is the best way to secure access? SSH?

SSH or using Apache instead of svnserve are the best ways to provide
secure access, especially if you want to use an existing user
authentication system.

Support for adding SASL support to svnserve is being worked on as a Google
Summer of Code project. This would open the door to using plain svnserve
with existing authentication systems and in a secure manner.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Aug 30 21:07:23 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.