info-cvs archive search

Results:

References: [ pserver: 4404 ] [ security: 1340 ]

Total 529 documents matching your query.

241. Re: Security, audits and pserver (score: 284)
Author: HIDDEN
Date: Tue, 17 Dec 2002 09:33:21 -0600 (CST)
The repository is likely to be one of the more valuable things the enterprise has on its computers, and so fencing everything else off from it may not make sense. In general, I like the idea of usin
/archive/html/info-cvs/2002-12/msg00243.html (7,092 bytes)

242. Re: Security options :-( (score: 161)
Author: HIDDEN
Date: Tue, 17 Dec 2002 10:28:50 -0500
If I have understood Greg correctly this drawback can be nullified, by telling SSH to only let you execute one command 'cvs'. man sshd, search for 'command='. And combine that with filesystem permiss
/archive/html/info-cvs/2002-12/msg00236.html (7,361 bytes)

243. Re: Security options :-( (score: 161)
Author: HIDDEN
Date: Tue, 17 Dec 2002 09:31:00 -0500
Method 1.5 description: - users SSH into newly-created accounts that are different from their existing accounts (cvsphil, etc) - repository has group permissions that allow the newly created (cvsphil
/archive/html/info-cvs/2002-12/msg00232.html (5,781 bytes)

244. RE: Security options :-( (score: 164)
Author: HIDDEN
Date: Tue, 17 Dec 2002 08:55:27 -0500
Method 1.5 description: - users SSH into newly-created accounts that are different from their existing accounts (cvsphil, etc) - repository has group permissions that allow the newly created (cvsphi
/archive/html/info-cvs/2002-12/msg00231.html (5,418 bytes)

245. Security options :-( (score: 164)
Author: HIDDEN
Date: Tue, 17 Dec 2002 08:44:26 -0500
The cvs user id and group id need to be different from all And then what? Use pserver to map the existing user ids to the cvs id? I have been trying to figure out a secure way to set this thing up,
/archive/html/info-cvs/2002-12/msg00230.html (7,039 bytes)

246. RE: security question (score: 171)
Author: HIDDEN
Date: Mon, 16 Dec 2002 17:34:01 -0800 (PST)
I previously posted saying that SSH keys should be password-protected and that if they were, one can run ssh-agent so that one needn't type in the password each time, or type in the password for each
/archive/html/info-cvs/2002-12/msg00219.html (7,952 bytes)

247. RE: Security, audits and pserver (score: 275)
Author: HIDDEN
Date: Mon, 16 Dec 2002 16:09:11 -0500 (EST)
[ On Monday, December 16, 2002 at 17:16:41 (+0100), Walter, Jan wrote: ] No, that's why you'd use SSH plain and simple with real, proper, unique system accounts for every real person, and never use C
/archive/html/info-cvs/2002-12/msg00216.html (6,296 bytes)

248. RE: Security, audits and pserver (score: 262)
Author: HIDDEN
Date: Mon, 16 Dec 2002 10:35:39 -0800
The advantage to chroot environments is that they can limit exposure to things like rogue *info scripts that might reach beyond the CVS repository. This is handy in the event that you store sensitive
/archive/html/info-cvs/2002-12/msg00215.html (6,451 bytes)

249. RE: Security, audits and pserver (score: 290)
Author: HIDDEN
Date: Mon, 16 Dec 2002 17:16:41 +0100
That's why you would tunnel it over ssh or something like that, with limited key access. People you trust get the key, and their key gets kept on the server. Definitely, a wide-open pserver connectio
/archive/html/info-cvs/2002-12/msg00209.html (7,100 bytes)

250. Re: Security, audits and pserver (score: 278)
Author: HIDDEN
Date: Mon, 16 Dec 2002 11:13:16 -0500 (EST)
Note that giving anyone pserver access to a machine is equivalent to giving them local shell access -- there are fairly simple tricks that can be used to execute arbitrary code on the server. CVS was
/archive/html/info-cvs/2002-12/msg00205.html (6,736 bytes)

251. RE: security question (score: 161)
Author: HIDDEN
Date: Mon, 16 Dec 2002 09:37:55 -0500
Are you talking about ssh-agent, or passphrase-based ssh keys, or an external layer of encryption on the keyfiles, or what? Please be specific. ssh-agent, for instance, would be a bit more secure, a
/archive/html/info-cvs/2002-12/msg00202.html (5,714 bytes)

252. RE: Security, audits and pserver (score: 294)
Author: HIDDEN
Date: Mon, 16 Dec 2002 11:42:55 +0100
Been watching this thread for a while... Here is my question: Are chrooted environments truly more secure than accessing pserver over an ssh tunnel? Yes, I know you can do both. There was some talk o
/archive/html/info-cvs/2002-12/msg00199.html (9,675 bytes)

253. RE: security question (score: 161)
Author: HIDDEN
Date: Fri, 13 Dec 2002 15:59:45 -0800 (PST)
Password-protected keys help protect them against theft. I would encourage everyone to use such keys. Or did I misunderstand your post? Noel __________________________________________________ Do you
/archive/html/info-cvs/2002-12/msg00192.html (5,286 bytes)

254. Re: Security, audits and pserver (score: 259)
Author: HIDDEN
Date: Fri, 13 Dec 2002 08:21:16 -0800
This is correct, provided the users (or other services) aren't confined to their own (non-overlapping) chroot environments.
/archive/html/info-cvs/2002-12/msg00190.html (6,713 bytes)

255. RE: Security, audits and pserver (score: 264)
Author: HIDDEN
Date: Fri, 13 Dec 2002 11:26:13 -0500
Yes, this you are correct... chrooting a file system would have no impact on the user's ability to access the repository. The best method for keeping folks out is to use public key ssh auth, constra
/archive/html/info-cvs/2002-12/msg00182.html (7,065 bytes)

256. Re: security question (score: 167)
Author: HIDDEN
Date: Fri, 13 Dec 2002 10:01:57 -0500
We run pserver on a machine behind a firewall and access with redirected ports with ssh. Someone posted on this list a cookbook ssh command to do so... ssh address@hidden -L 2401:host.whatever.com:2
/archive/html/info-cvs/2002-12/msg00179.html (6,911 bytes)

257. Re: Security, audits and pserver (score: 259)
Author: HIDDEN
Date: Fri, 13 Dec 2002 06:16:46 -0800 (PST)
I see. I guess it's obvious that the repository would have to be within the chroot'ed environment meaning that such an environment wouldn't help in preventing users from directly accessing the archiv
/archive/html/info-cvs/2002-12/msg00178.html (6,480 bytes)

258. RE: security question (score: 161)
Author: HIDDEN
Date: Fri, 13 Dec 2002 10:55:22 -0500
Actually, if you set up your ssh keys correctly (ssh-keygen -t dsa), then you never have to enter your password at all.
/archive/html/info-cvs/2002-12/msg00177.html (4,688 bytes)

259. Re: security question (score: 167)
Author: HIDDEN
Date: Fri, 13 Dec 2002 06:29:23 -0800 (PST)
One other problem with pserver is that passwords are stored "in the clear" on the users' home directories. At least with SSH, the keys can be encrypted using a password that the user enters either up
/archive/html/info-cvs/2002-12/msg00176.html (6,668 bytes)

260. RE: Security, audits and pserver (score: 259)
Author: HIDDEN
Date: Thu, 12 Dec 2002 13:39:36 -0800
I would be astonished if this were true. You'd have to replicate /bin, /usr/bin, /etc, /lib, /usr/lib, /etc, /usr/local, /include, /usr/include, /dev, and a whole lot of other stuff to make it work a
/archive/html/info-cvs/2002-12/msg00173.html (6,154 bytes)

