[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVS and NIS+ information required
From: |
Denniston, Todd A CIV NAVSURFWARCENDIV Crane, Code JSXN |
Subject: |
Re: CVS and NIS+ information required |
Date: |
Tue, 16 Sep 2008 09:46:56 -0400 |
User-agent: |
Thunderbird 2.0.0.16 (X11/20080707) |
giri babu wrote, On 09/15/2008 01:29 AM:
Hi
Iam Giri
I required information on CVS passwd authetication on NIS+
I have redhat box which ia configured as CVS server and NIS +
I ned information on whether CVs takes passwd from .etc.passwd files
or NIs+ passwd file
whether CVs supports NIS + if so please provide the details
short: as long as CVS is using the system for authentication information, CVS
will use the same mix of /etc/passwd and NIS that the system uses.
Long:
As long as you are using :ext: and rsh|ssh, cvs does not do the
authentication, rsh or ssh does it.
RSH and SSH[1] do authentication through the hosts mechanisms (if not using
rhosts, or ssh keys) and with thus use NIS if the rest of the host login
methods do. Many folks consider SSH with ssh or PKI keys to be more secure &
audit-able, and there are resources[3] for setting it up.
if you are using :pserver: and you don't have a passwd file in
$CVSROOT/CVSROOT/, then CVS will authenticate using the system, i.e., if the
system uses NIS, then CVS will use NIS. BTW with :pserver: your passwords are
sent in the clear across the network and stored with a well known xor in
HOME/.cvspass [3], so it would be reasonable to assume that after :pserver:
use the password is compromised.
[1] http://ximbiot.com/cvs/manual/cvs-1.11.23/cvs_2.html#SEC28
[2] http://www.google.com/search?hl=en&q=cvs+ssh&btnG=Google+Search&aq=f&oq=
[3] http://ximbiot.com/cvs/manual/cvs-1.11.23/cvs_2.html#SEC31
--
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter
http://www.crane.navy.mil/custfeedback