Re: cvs security - ssh vs pserver?

To: Debian user mailing list <debian-user@lists.debian.org>
Subject: Re: cvs security - ssh vs pserver?
From: dman <dsh8290@rit.edu>
Date: Tue, 27 Nov 2001 13:17:41 -0500
Message-id: <[🔎] 20011127131741.A1397@harmony.cs.rit.edu>
Mail-followup-to: Debian user mailing list <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20011127100856.B12312@dirac.org>; from p@dirac.org on Tue, Nov 27, 2001 at 10:08:57AM -0800
References: <[🔎] 20011127015150.A3681@dirac.org> <[🔎] 20011127130013.A2999@kitenet.net> <[🔎] 20011127100856.B12312@dirac.org>

On Tue, Nov 27, 2001 at 10:08:57AM -0800, Peter Jay Salzman wrote:
| begin: Joey Hess <joey@kitenet.net> quote
| > Peter Jay Salzman wrote:
| > > i just found out that using method 2, you can't assign a shell
| > > of /bin/false.  cvs won't work.   so option 2 also means "giving
| > > a shell account on my machine".
| > 
| > Read http://kitenet.net/programs/sshcvs
| > 
| > > any thoughts?  is pserver really as insecure as dpkg claims in the
| > > configuration of the package?
| > 
| > It uses plain-text passwords, which is pretty insecure, yes.
|  
| i have no problem with plain text passwords.

If you are using a plaintext password, why bother with a password at
all?

-D

-- 

A)bort, R)etry, B)ang it with a large hammer

Reply to:

References:
- cvs security - ssh vs pserver?
  - From: Peter Jay Salzman <p@dirac.org>
- Re: cvs security - ssh vs pserver?
  - From: Joey Hess <joey@kitenet.net>
- Re: cvs security - ssh vs pserver?
  - From: Peter Jay Salzman <p@dirac.org>

Prev by Date: Re: smtp with kmail
Next by Date: VIA sound chipset
Previous by thread: Re: cvs security - ssh vs pserver?
Next by thread: Re: cvs security - ssh vs pserver?
Index(es):
- Date
- Thread