Re: svn authentication

From: Mark Phippard <markp_at_softlanding.com>
Date: 2006-08-30 20:53:56 CEST

"Jim Weir" <javawaba@hotmail.com> wrote on 08/30/2006 02:27:18 PM:

> > > Perfect,
> > >
> > > ...now if I want to get rid of 'root' all I need to do is add a
liniux
> > > user/group and add it to the passwd file? Is that right?
> > >
> > > [users]
> > > svn = svnpassword
> >
> >The usernames in this file have no relationship to the OS or any other
> >authentication system. You also cannot reference groups.
> >
> >Basically, you just add usernames and password for the users that need
to
> >use the product.
> >
> >Mark
> >
>
> Is this password being sent plain text?

No, it uses CRAM-MD5. As I understand it, that is why the server needs to
have the plaintext password.

> What is the best way to secure access? SSH?

SSH or using Apache instead of svnserve are the best ways to provide
secure access, especially if you want to use an existing user
authentication system.

Support for adding SASL support to svnserve is being worked on as a Google
Summer of Code project. This would open the door to using plain svnserve
with existing authentication systems and in a secure manner.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Aug 30 21:07:23 2006

This message: [ Message body ]
Next message: Ryan Schmidt: "Re: svn authentication"
Previous message: Jim Weir: "Re: [LINUX] How to launch svnserve process with another user than 'root' ?"
In reply to: Jim Weir: "Re: svn authentication"
Next in thread: Jim Weir: "Re: svn authentication"
Reply: Jim Weir: "Re: svn authentication"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]