
Re: Can svnserve read an encrypted password file?

From: Stefan Sperling <stsp_at_elego.de>
Date: Thu, 28 Aug 2008 19:21:40 +0200

On Thu, Aug 28, 2008 at 12:42:56PM -0400, Paul Koning wrote:
> >>>>> "vinay" == vinay <vinay.indresh_at_gmail.com> writes:
>
> vinay> Hi All I was wondering if it is possible to keep the password
> vinay> file in an encrypted format. This would help in maintaining
> vinay> the passwords securely.
>
> The client needs the plaintext password,

The question was about svnserve, not the client.
(See the message subject.)

svnserve cannot yet store passwords in encrypted form, AFAIK.

See also the (long) thread starting at
http://subversion.tigris.org/servlets/ReadMsg?list=dev&msgNo=67919

and this message in particular:
http://subversion.tigris.org/servlets/ReadMsg?listName=dev&msgNo=67949

> so it would have to decrypt
> the password if it's stored encrypted, which means it needs to know
> the key, which means someone could read that key out of the client.
> So encrypting adds no security -- that's why the option isn't there.

The option of encrypting passwords on the client side has been
present on Windows and Mac OS X for quite some time now.

In Subversion 1.6 encrypting passwords on the client side will also
be possible on Linux/UNIX.
See http://subversion.tigris.org/faq.html#plaintext-passwords

> More precisely, encryption would mislead some people into believing
> there is security when there isn't, which is worse than not having
> encryption.

I don't buy that argument. For some people, storing a password on
disk in plaintext is the weakest link in the chain. Telling them
that was not so does not solve their problem.

Encrypting passwords on disk with the help of system services like
GNOME Keyring and KWallet, as Subversion 1.6 will be able to do,
is a very reasonable approach IMHO.

Stefan

Received on 2008-08-28 19:22:14 CEST

This is an archived mail posted to the Subversion Users mailing list.
