Re: Encrypted passwd on Debian, SVN-Server

From: Stefan Sperling <stsp_at_elego.de>
Date: Fri, 24 Jan 2014 14:17:26 +0100

On Thu, Jan 23, 2014 at 10:43:55PM +0100, Anselm Arndt wrote:
> Oh sorry,
> it is a svnserve server setup.
> I am not a svn expert.
> I am able to manage the users (with their rights) and to create new
> repositories.
> But now I was asked to store the passwords not in clear text in the passwd.

svnserve uses CRAM-MD5 authentication, which requires both parties
to know the plaintext. The password is a shared secret.

If you want something better, you can either try setting up svnserve
with Cyrus-SASL, or switch to Apache HTTPD and use, for instance,
digest authentication which saves hashes of passwords to disk.

See here:
http://svnbook.red-bean.com/en/1.7/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sasl
http://svnbook.red-bean.com/en/1.7/svn.serverconfig.httpd.html#svn.serverconfig.httpd.authn.digest
Received on 2014-01-24 14:19:24 CET

This message: [ Message body ]
Next message: Branko Čibej: "Re: Could not read status line: SSL error: GnuTLS internal error"
Previous message: leiwangouc_at_gmail.com: "Could not read status line: SSL error: GnuTLS internal error"
In reply to: Anselm Arndt: "Re: Encrypted passwd on Debian, SVN-Server"
Next in thread: Nico Kadel-Garcia: "Re: Encrypted passwd on Debian, SVN-Server"
Reply: Nico Kadel-Garcia: "Re: Encrypted passwd on Debian, SVN-Server"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]