info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS + SSH under Unix and automatically use private keys


From: Jonah Tsai
Subject: Re: CVS + SSH under Unix and automatically use private keys
Date: Tue, 9 Oct 2001 19:15:41 -0400

On Tuesday, October 9, 2001, at 05:18  PM, Matt McClure wrote:

Does your ssh key have a passphrase?  If so, create a new key without a
passphrase.

Are either of your .ssh directories (client or server) or any of the
files contained in them group- or world-readable or -executable?  If so,
get rid of those permissions.

Why do you want to be able to use CVS command without having to type passwords each time, yet on the other hand you seem to be concerned about security? Is it because your IDE issues multiple cvs commands by itself?

Be ware of the caveat for using a private key file without a passphrase, i.e. an unencrypted private key file. An unencrypted key file is equivalent to storing a cleartext password on a plain text file. You better not have the key file store on some network file system -- not all network file system traffics are encrypted with strong encryption.

If you adopt the scheme of requiring every users to setup their own unencrypted private key files, it's very difficult to assure that every single user understands the implications and configure the SSH client/server correctly and securely, unless you want to spend a lot of time "educating" your users about encryption, file systems, your particular system configuration and stuff.

Moreover, a sysadmin may screw up the security without the users knowing by swapping NFS file system mounting unwittingly. For instance moving local home directories to a new harddrive using NFS mounting just because the local disk is filling up; this might unwittingly make the unencrypted private key files transported via NFS. This kind of things are very likely to happen in institutions that staff come and go. See why this is a very poor security mechanism?

It would be, however, a lot safer that you put the CVS server and a SSH server behind a firewall and only expose the SSH port such that the access to CVS server must be port-forwarded through the SSH server. The SSH and CVS severs maybe the same machine, although not really recommended. This way, you only have to type in the password once when setting up the port-forwarding tunnel.


You may also want to consider Kerberos. I got this working on my Max OS X, W2K, Solaris, and Linux.



Jonah Tsai



reply via email to

[Prev in Thread] Current Thread [Next in Thread]