[Cvsnt] Permissions for changing files in module
Koen
no at ssppaamm.com
Thu Feb 21 10:13:26 GMT 2002
"Tony Hoyle" <tmh at nothing-on.tv> wrote in message
news:3c73d1d2.19432906 at tony-home...
> On Wed, 20 Feb 2002 09:53:45 +0000 (UTC), "Koen" <no at ssppaamm.com>
> wrote:
> >2. Use pserver protocol with impersonation
> >No ntserver protocol, because: (1) in that case the NT passwords must be
> >sent over the net and they are easily decrypted, and (2) we also need to
> >access the repository from Linux machines...
>
> If you're that bothered about security then pserver is the *worst*
> protocol to choose as the passwords are trivially decrypted. Kerberos
> or SSH are needed for that level of security.
Any pointer on a tutorial to set this up using SSH?
> sspi is a good middle
> ground - you can in theory crack the NT passwords (they're MD5'd I
> believe) but it would take a couple of weeks on a fast machine
> provided you don't use passwords that aren't susceptible to a
> dictionary attack.
So, if I use ntserver protocol the passwords are sent in a better encrypted
way than when using pserver protocol? But can I still access the repository
from a Linux machine if I choose to use ntserver protocol?
> Users can set their own passwords using 'cvs passwd'.
OK!
Thanks a lot for all your help!
Koen
_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
More information about the cvsnt
mailing list