On Mon, Mar 21, 2011 at 12:36 PM, Cecil Westerhof <Cecil_at_decebal.nl> wrote:
> As I understood it, the best way to setup subversion is just with
> svnserve. Because it is accessed through the Internet, we should also
> SASL.
>
> It looks like the passwords are then stored in a text-file. Which
> means that when an user want to change his password, the maintainer of
> the svnserver has to change the password and mail it to the user. Is
> this correct, or am I overlooking something?
Cecil, there are trade-offs. Do go to the redbook at
http://svnbook.red-bean.com/. svnserve works, but is not automatically
encrypted, and has poor logging. HTTP/HTTPS access can be set to
encryption, but the UNIX/Linux clients store passwords in cleartext
locally, which I personally consider absolute anathema. svn+ssh works,
but handling the SSH public keys is awkward and has no tool for easy
management of access.
They've all got trade-offs: different ports need to be acessible for
clients, for example. SASL, in particular, *CAN* be managed by
authorized users from offsite, but it requires more infrastructure.
Received on 2011-03-21 17:58:20 CET