Re: need to force username of cvs 'action' when using shared SSHaccount

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: need to force username of cvs 'action' when using shared SSHaccount

From:	Tim Grotenhuis
Subject:	Re: need to force username of cvs 'action' when using shared SSHaccount
Date:	Tue, 4 May 2004 15:46:50 -0400

SSH is:

a. secure through encryption ( cleartexting across the net with pserver is
inviting disaster)
b. through the SSH command="" you can limit users to one command based on
the key they are authenticating with.

tg


----- Original Message ----- 
From: "Greg A. Woods" <address@hidden>
To: "CVS-II Discussion Mailing List" <address@hidden>
Sent: Tuesday, May 04, 2004 3:10 PM
Subject: Fw: need to force username of cvs 'action' when using shared
SSHaccount


> [ someone wrote: ]
> > Subject: Fw: need to force username of cvs 'action' when using shared
SSH account
> >
> >  I just can't imagine that this hasn't been required before: a single
shell
> > account with a used id of, for example,  'cvsuser' requiring SSH,
instead of
> > pserver, authentication and access for developers.  The nature of CVS,
that
> > of tracking diffs and who did what when, seems to be compromised in this
> > situation.  Thats all.
>
> I just cannot possibly ever even conceive of anyone using a "shared SSH
> account".
>
> The very concept is entirely antithetical to the goals of SSH and
> computing security in general.
>
> You may as well just use pserver in the clear and be very explicit and
> forthright about your total lack of security.
>
> [[ And yes, I do intend that comment to be very sarcastic. ]]
>
> -- 
> Greg A. Woods
>
> +1 416 218-0098                  VE3TCP            RoboHack
<address@hidden>
> Planix, Inc. <address@hidden>          Secrets of the Weird
<address@hidden>
>
>
> _______________________________________________
> Info-cvs mailing list
> address@hidden
> http://mail.gnu.org/mailman/listinfo/info-cvs
>
>
>

[Prev in Thread]

Current Thread

[Next in Thread]

need to force username of cvs 'action' when using shared SSH account, TG, 2004/05/01
- Re: need to force username of cvs 'action' when using shared SSH account, Pierre Asselin, 2004/05/01
- Need to force username of cvs 'action' when using shared SSH account, Tim Grotenhuis, 2004/05/01
- Re: Need to force username of cvs 'action' when using shared SSH account, Paul Levin, 2004/05/03
- Fw: need to force username of cvs 'action' when using shared SSH account, Keith Refson, 2004/05/04
  - Re: Fw: need to force username of cvs 'action' when using shared SSH account, Mark D. Baushke, 2004/05/04
  - Fw: need to force username of cvs 'action' when using shared SSH account, Greg A. Woods, 2004/05/04
    - Re: need to force username of cvs 'action' when using shared SSHaccount, Tim Grotenhuis <=
    - Re: need to force username of cvs 'action' when using shared SSHaccount, Geoff Beier, 2004/05/04
    - Re: need to force username of cvs 'action' when using shared SSHaccount, Tim Grotenhuis, 2004/05/04
    - Re: need to force username of cvs 'action' when using shared SSHaccount, Adam Hupp, 2004/05/05
    - Re: need to force username of cvs 'action' when using shared SSHaccount, Greg A. Woods, 2004/05/05
  - Re: Fw: need to force username of cvs 'action' when using shared SSH, Larry Jones, 2004/05/04
- Fw: need to force username of cvs 'action' when using shared SSH account, Keith Refson, 2004/05/05
  - Re: Fw: need to force username of cvs 'action' when using shared SSH account, Greg A. Woods, 2004/05/05

Prev by Date: Fw: need to force username of cvs 'action' when using shared SSH account
Next by Date: Re: Fw: need to force username of cvs 'action' when using shared SSH
Previous by thread: Fw: need to force username of cvs 'action' when using shared SSH account
Next by thread: Re: need to force username of cvs 'action' when using shared SSHaccount
Index(es):
- Date
- Thread