[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Storing encrypted passwords with Subversion using Apache/LDAP

From: Andy Levy <andy.levy_at_gmail.com>
Date: Mon, 19 Oct 2009 14:13:26 -0400

On Mon, Oct 19, 2009 at 13:59, Mark-E <meramo_at_hbs.edu> wrote:
> Seeting up an Apache2 Server such that it authenticates the user via our LDAP
> server before it allows them into the Subversion repository.
>
> When I test logging in, I get the following message...
>
> ATTENTION!  Your password for authentication realm:
>
>     <https: XXXXXXXXXXXXXXXXXXXX > Repository
>
> can only be stored to disk unencrypted!  You are advised to configure
> your system so that Subversion can store passwords encrypted, if
> possible.  See the documentation for details.
>
> I believe that this can be enabled in the httpd-subverson.conf but I am not
> sure exactly what needs to be done. Can anyone point me to the specific
> command or docs that detail how to encrypt the users ldap password.

What version of the client are you using, and on what OS?

On MacOS, svn has supported storing passwords in Keychain (encrypted)
since 1.4 (IIRC)

On Windows, svn uses Windows Crypto to store the passwords in
%APPDATA%. Not sure when this was introduced but it's been a while.

On *NIX, 1.6 introduced the ability to use gnome-keyring and kwallet
to store them securely. See
http://blogs.open.collab.net/svn/2009/07/subversion-16-security-improvements.html

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2409075

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-10-19 20:14:53 CEST

This is an archived mail posted to the Subversion Users mailing list.