* Craig Dickson <crdic@yahoo.com> [2001.11.27 15:06:00-0800]: > That was my point. If he's going to allow passwords to cross the net in > clear, then having passwords isn't really securing anything. Accessing > cvs in an ssh tunnel is the way to go. okay, sorry, then i misunderstood you. > What Peter had said, that I was replying to, was that he didn't mind > passwords going in clear as long as it was only cvs passwords, not shell > login passwords. So my reaction was, if you're so unconcerned about cvs > access, why bother putting passwords on it at all? The real point being > not that it's okay to let the whole world have full access to your cvs, > but that passwords should always be encrypted on the wire. word up. that clears it up. sorry again. -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck sic transit discus mundi.
Attachment:
pgppaS9XoC8qX.pgp
Description: PGP signature