>From: Ryan Schmidt <subversion-2006c@ryandesign.com>
>To: Jim Weir <javawaba@hotmail.com>
>CC: users@subversion.tigris.org
>Subject: Re: svn authentication
>Date: Wed, 30 Aug 2006 20:55:56 +0200
>
>On Aug 30, 2006, at 20:27, Jim Weir wrote:
>
>>>Basically, you just add usernames and password for the users that need
>>>to
>>>use the product.
>>
>>Is this password being sent plain text?
>
>Over the wire, some type of CRAM-MD5 is used, so the plain-text password
>is not sent over the network. It is stored in plain text on the server
>hard disk, as you see.
>
>
>>What is the best way to secure access? SSH?
>
>svn+ssh is good, as is https.
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>For additional commands, e-mail: users-help@subversion.tigris.org
>
>It is stored in plain text on the server hard disk, as you see.
Is this a potential security risk? How can I avoid this?
Thanks,
Jim
_________________________________________________________________
Get the new Windows Live Messenger!
http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Aug 30 22:17:23 2006