[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ANN: cvssh - secure ext-to-pserver bridge

From: Greg A. Woods
Subject: Re: ANN: cvssh - secure ext-to-pserver bridge
Date: Wed, 23 Jan 2002 18:39:25 -0500 (EST)

[ On Wednesday, January 23, 2002 at 17:46:37 (-0500), Michal Wallace wrote: ]
> Subject: Re: ANN: cvssh - secure ext-to-pserver bridge
> There are several reasons this is more convenient than SSH:
> 1. Many users have a hard time setting up a SSH tunnel,
>    whereas CVS_RSH=cvssh seems to be a lot easier for them.

Ah, excuse me, but you should NEVER have set up any tunnels with SSH to
use CVS with SSH!  Just set CVS_RSH=ssh.  It's two characters shorter
than with your method even!  :-)

> 2. Using SSH requires giving the users a unix account on
>    the server, rather than pserver's per-repository user
>    list.

Duh.  If you're doing authentication and authorisation on a unix-based
file server then you MUST, _M_U_S_T_ use a unique system account for
ever real-world user or else you might as well not use any
authentication whatsoever.  Pserver has NO accountability from the
system's point of view.  None whatsoever.  Don't use pserver.  Ever.

> 3. AFAIK, SSH doesn't remember your password the way
>    pserver does.

Oh, come on now.  There are any number of schemes for managing
authentication passpharases, etc. with SSH.  RTFM.

                                                                Greg A. Woods

+1 416 218-0098;  <address@hidden>;  <address@hidden>;  <address@hidden>
Planix, Inc. <address@hidden>; VE3TCP; Secrets of the Weird <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]