You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@subversion.apache.org by Andreas Schoe <an...@gfz-potsdam.de> on 2005/03/29 14:53:29 UTC

Question about SSH

I use Subversion for a few days. 

Why does the svnserve use the passwd file with passwords written in
plaintext?

Is there any kind of Version that I can use the passwd with MD5 algorithm
like the Apache Server?

Re: Question about SSH

Posted by Ben Collins-Sussman <su...@collab.net>.

On Mar 29, 2005, at 8:53 AM, Andreas Schoe wrote:

> I use Subversion for a few days.
>
>  Why does the svnserve use the passwd file with passwords written in 
> plaintext?

Because otherwise, the password would have to be sent over the network 
in plaintext.

>
> Is there any kind of Version that I can use the passwd with MD5 
> algorithm like the Apache Server?
>

No.... not unless you use apache as your svn server.

You understand that apache's md5 passwords *are* passed essentially 
plaintext over the network, right?

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: Question about SSH

Posted by Günter Dannoritzer <da...@web.de>.

Hi Andreas,

Andreas Schoe wrote:

> I use Subversion for a few days. 
> 
> Why does the svnserve use the passwd file with passwords written in
> plaintext?
> 
> Is there any kind of Version that I can use the passwd with MD5 algorithm
> like the Apache Server?
> 

You mentioned ssh in the subject line, but not in the question anymore. 
Is svn+ssh not secure engough for you concerning the passwords?

Guenter



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org