[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: how can I change my password by SVN client?

From: Nico Kadel-Garcia <nkadel_at_gmail.com>
Date: Tue, 8 Sep 2009 08:20:12 -0400

On Mon, Sep 7, 2009 at 12:02 PM, Les Mikesell <lesmikesell_at_gmail.com> wrote:
> Nico Kadel-Garcia wrote:
>>
>> On Sun, Sep 6, 2009 at 12:19 PM, Les Mikesell <lesmikesell_at_gmail.com>
>> wrote:
>>>
>>> Nico Kadel-Garcia wrote:
>>>>>
>>>>> * Have you ever tried to teach a newbie (possibly quite talented, but
>>>>
>>>> nevertheless a newbie) to configure customized Kerberos setups? I
>>>> have. It wasn't pretty.
>>>
>>> Are there similar issues using https and a client certificate
>>> requirement?
>>
>> The last time I tried that sort of thing, there was effort, but it
>> wasn't as bad. Organizing the server side to manage the sertificates
>> and synchronize access for each client to the same repository but with
>> a different key was...... fascinating. I basically wrote a little
>> script to survey the key list and genarate alias configurations for
>> each user with a different URL to the same material. Workable, but it
>> wouldn't necessarily scale well.
>
> Can't you configure apache to trust a certificate authority, not individual
> certificates, and then use something like tinyca to generate (and revoke if
> necessary) the certificates?  You still need passwords, but they are
> ssl-encrypted on the wire and you can't get in without both the password and
> certificate.

*Interesting*. I like it! How do you store the unlocked key this way
for your active TortoiseSVN or command line svn clients, to avoid
having to repeatedly type it in. You still have to do something about
giving different users slightly different access to the same material
in order to set the 'user' for logging, and I don't see how to do it
with this approach unless you repeat my approach and set slightly
different repository paths for different SSL keys.

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2392349

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-09-08 14:21:18 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.