RE: Remote cvs and security

[Jonah Tsai]

> From: "Colin Bester" <address@hidden> <mailto:address@hidden>
> To: "'CVS-II Discussion Mailing List'" <address@hidden> <mailto:address@hidden>
> Subject: RE: Remote cvs and security
> Date: Mon, 10 Sep 2001 19:37:23 -0500
> Organization: AIONET Inc
>
> Greg, I would like to know what alternatives you are referring to.

The alternative, although it might not be what Greg is refering to, is 
GSSAPI (aka. gserver in CVS). For the time being, GSSAPI supports only 
Kerberos (although SUN's implementation does have Diffe-Hellman...). All 
passwords are sent encrypted, with optional encrypted content. Note that 
gserver is natively supported by CVS. However, I cannot find any 
binaries pre-compiled with GSSAPI. You have to compile it yourself.

If you don't want to go through the trouble of setting up Kerberos, then 
go for SSH, like almost everybody does.

> The way I understand it is that all passwords used between client and
> pserver are sent in clear text and as such irrespective of what you do,
> it would be very easy to listen in on these and gain access to the
> software files.
>
> While cvs might have been designed for free source development and some
> of us even agree with it, we don't always have this freedom of choice
> and need to protect our data.
>
> I am pretty new to these aspects as I have always worked in a closed and
> 'safe' environment and now find myself at the other end of the spectrum.

> I would really appreciate some comments on what the correct steps would
> be to secure this link.

Quick and dirty -- SSH, up in 10 minutes.
Spend a lot of time and have loads of fun (or pain) -- Kerberos (gserver).

Anything TCP can be tunnel'd (or port-forward in SSH terminology) 
through SSH. Lucky that CVS uses TCP. It works, but it's somehow 
hackish, because SSH is a peer-to-peer authentication/encryption 
mechanism such that management is on per host basis. Kerberos is a 
centralized authentication mechanism. Both have their advantages and 
disadvantages, pick whatever suites your needs.

One dumb rule of thumb -- if you only have a handful of users, go SSH 
because the pain Kerberos causes ain't worth it; if you have a lot of 
usres, in the order of hundreds, go Kerberos. Anything in between, take 
your favorite, most likely your boss won't know the difference as long 
as your argument is logical and convincing.

If you are paranoid about security, forget about pserver...



Jonah Tsai

> >  <mailto:address@hidden>