httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <>
Subject Re: CVS, SSH, and Apache.Org
Date Mon, 30 Jun 1997 21:17:47 GMT
Marc Slemko wrote:
> pserver may be a touch better because its authentication really sucks and
> I'm not even considering network sniffing, since that is by far the least
> of your worries.  Believe me, you don't want to use it if you don't have
> to.  It even stores your password in an unencrypted form on your local
> drive. 

I think "lightly encrypted" would be the correct statement. I did bring this
up with the CVS folk when they first did pserver, and even showed them how to
do it properly (well, a way, with a shared secret) but they declined "because
it would add a round trip". Sheesh!



Ben Laurie                Phone: +44 (181) 994 6435  Email:
Freelance Consultant and  Fax:   +44 (181) 994 6472
Technical Director        URL:
A.L. Digital Ltd,         Apache Group member (
London, England.          Apache-SSL author

View raw message