[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Can svnserve read an encrypted password file?

From: Mark K <mark_at_mitsein.net>
Date: Thu, 28 Aug 2008 16:02:50 -0500

On Thu, 28 Aug 2008 19:21:40 +0200
Stefan Sperling <stsp_at_elego.de> wrote:

> On Thu, Aug 28, 2008 at 12:42:56PM -0400, Paul Koning wrote:
> > >>>>> "vinay" == vinay <vinay.indresh_at_gmail.com> writes:
> >
> > vinay> Hi All I was wondering if it is possible to keep the
> > vinay> password file in an encrypted format. This would help in
> > vinay> maintaining the passwords securely.
> >
> > The client needs the plaintext password,
> The question was about svnserve, not the client.
> (See the message subject.)
> svnserve cannot yet store passwords in encrypted form, AFAIK.
> See also the (long) thread starting at
> http://subversion.tigris.org/servlets/ReadMsg?list=dev&msgNo=67919
> and this message in particular:
> http://subversion.tigris.org/servlets/ReadMsg?listName=dev&msgNo=67949
> > so it would have to decrypt
> > the password if it's stored encrypted, which means it needs to know
> > the key, which means someone could read that key out of the client.
> > So encrypting adds no security -- that's why the option isn't there.
> The option of encrypting passwords on the client side has been
> present on Windows and Mac OS X for quite some time now.
> In Subversion 1.6 encrypting passwords on the client side will also
> be possible on Linux/UNIX.
> See http://subversion.tigris.org/faq.html#plaintext-passwords
> > More precisely, encryption would mislead some people into believing
> > there is security when there isn't, which is worse than not having
> > encryption.
> I don't buy that argument. For some people, storing a password on
> disk in plaintext is the weakest link in the chain. Telling them
> that was not so does not solve their problem.
> Encrypting passwords on disk with the help of system services like
> Gnome Keyring and Kwallet, as Subversion 1.6 will be able to do,
> is a very reasonable approach IMHO.
> Stefan

AFAIK the preferred gnome keyring thing is now seahorse
(http://www.gnome.org/projects/seahorse/index.html). One could just
use svn+ssh with keys and avoid the whole plaintext password issue.

Also, wouldn't svnserve+sasl be able to solve the complaint of having
plain text passwords stored on the server side?

Mark K
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-08-28 23:03:10 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.