[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: to stop commit
From: |
Mark D. Baushke |
Subject: |
Re: to stop commit |
Date: |
Thu, 18 Aug 2005 18:46:15 -0700 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Pierre Asselin <address@hidden> writes:
> Mark D. Baushke <address@hidden> wrote:
>
> > Even at that, it is very easy to have anonymous
> > SSH access and that would be better than resorting to :pserver:.
>
> Could you elaborate on the easy anonymous ssh ?
Lots of folks are using it. A google search should find a number of
possible configurations including a chrooted system or a jail.
http://www.openbsd.org/anoncvs.html
http://reactor-core.org/howto-ssh-anoncvs.html
> The solutions I read about involved distributing a private key and
> assuming that the users would know what to do with it.
It is even easier than that, setup a anoncvs userid with a shells that
only runs the execl('/usr/bin/cvs', 'cvs', 'server', NULL) function and
that allows an empty password.
(You may also configure it to not allow scp or sftp.)
> Also, it wasn't clear to me that security would be much improved over
> :pserver:.
Security of sshd is much higher than security of cvs. The only
vulnerability will be that of the user/group you provide for the anoncvs
userid instead of the possibility of 'root' in most :pserver:
configurations.
-- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)
iD8DBQFDBTnmCg7APGsDnFERAnJ8AKCYh4Bck0/roTOMa4cs99ZI7fQWZgCfZyTo
RLPbflgYVv+0JQGzDo3cHXM=
=gdra
-----END PGP SIGNATURE-----
- to stop commit, Parvinder Singh Arora, 2005/08/18
- Re: to stop commit, Mark D. Baushke, 2005/08/18
- Re: to stop commit, S I, 2005/08/18
- Re: to stop commit, Mark D. Baushke, 2005/08/18
- Re: to stop commit, S I, 2005/08/18
- Re: to stop commit, Mark D. Baushke, 2005/08/18
- Re: to stop commit, Julian Opificius, 2005/08/18
- Re: to stop commit, Mark O'Brien, 2005/08/19
- Message not available
- Re: to stop commit, Pierre Asselin, 2005/08/18
- Re: to stop commit,
Mark D. Baushke <=
- Message not available
- Re: to stop commit, Pierre Asselin, 2005/08/19
- Re: to stop commit, Mark D. Baushke, 2005/08/19