[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: how can I change my password by SVN client?

From: Andy Levy <andy.levy_at_gmail.com>
Date: Mon, 31 Aug 2009 08:59:37 -0400

On Mon, Aug 31, 2009 at 08:44, Johan
Corveleyn<johan.corveleyn_at_uz.kuleuven.ac.be> wrote:
>> > If you really believe this is a security problem, I hope you're
>> on the
>> > OpenSSH mailing list complaining that the use of SSH
>> authorization
>> > keys is insecure because if someone gains access to my ~/.ssh
>> > directory, they can impersonate me.
>> Andy, I wrote the SunOS port of SSH 1, SSH 2, and OpenSSH years
>> back.
>> So yes, I've been active on it for years. That approach is much
>> superior to the standard and limited SSH key access, which presents
>> day-to-day integration problems.
> Not meaning to throw oil on the fire :), but just as an innocent bystander:
> You haven't answered the question: why are private keys with 600 permissions in ~/.ssh more secure than passwords in files with 600 permissions in ~/.subversion/auth? Or have I missed something?
>> It's why for most UNIX users in
>> professional environments, I recommend they use TortoiseSVN to a
>> Samba
>> share to access their repositories. The client is much safer, and
>> much
>> more reliable.
> And this works in practice? I would think you'd get all sorts of problems with svn:eol-style=native, and case-(in)sensitivity when you share a working copy this way (use the same WC from both a Unix client and a windows client through a samba share)

Plus this http://tortoisesvn.tigris.org/faq.html#samba


To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-08-31 15:00:37 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.