httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject Re: CVS, SSH, and Apache.Org
Date Mon, 30 Jun 1997 21:17:47 GMT
Marc Slemko wrote:
> pserver may be a touch better because its authentication really sucks and
> I'm not even considering network sniffing, since that is by far the least
> of your worries.  Believe me, you don't want to use it if you don't have
> to.  It even stores your password in an unencrypted form on your local
> drive. 

I think "lightly encrypted" would be the correct statement. I did bring this
up with the CVS folk when they first did pserver, and even showed them how to
do it properly (well, a way, with a shared secret) but they declined "because
it would add a round trip". Sheesh!

Cheers,

Ben.

-- 
Ben Laurie                Phone: +44 (181) 994 6435  Email: ben@algroup.co.uk
Freelance Consultant and  Fax:   +44 (181) 994 6472
Technical Director        URL: http://www.algroup.co.uk/Apache-SSL
A.L. Digital Ltd,         Apache Group member (http://www.apache.org)
London, England.          Apache-SSL author

Mime
View raw message