[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn authentication

From: Jim Weir <javawaba_at_hotmail.com>
Date: 2006-08-30 21:23:41 CEST

>From: Ryan Schmidt <subversion-2006c@ryandesign.com>
>To: Jim Weir <javawaba@hotmail.com>
>CC: users@subversion.tigris.org
>Subject: Re: svn authentication
>Date: Wed, 30 Aug 2006 20:55:56 +0200
>On Aug 30, 2006, at 20:27, Jim Weir wrote:
>>>Basically, you just add usernames and password for the users that need
>>>use the product.
>>Is this password being sent plain text?
>Over the wire, some type of CRAM-MD5 is used, so the plain-text password
>is not sent over the network. It is stored in plain text on the server
>hard disk, as you see.
>>What is the best way to secure access? SSH?
>svn+ssh is good, as is https.
>To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>For additional commands, e-mail: users-help@subversion.tigris.org

>It is stored in plain text on the server hard disk, as you see.

Is this a potential security risk? How can I avoid this?


Get the new Windows Live Messenger!

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Aug 30 22:17:23 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.