"Tony Hoyle" <[EMAIL PROTECTED]> wrote in message 3c73d1d2.19432906@tony-home">news:3c73d1d2.19432906@tony-home...
> On Wed, 20 Feb 2002 09:53:45 +0000 (UTC), "Koen" <[EMAIL PROTECTED]> > wrote: > >2. Use pserver protocol with impersonation > >No ntserver protocol, because: (1) in that case the NT passwords must be > >sent over the net and they are easily decrypted, and (2) we also need to > >access the repository from Linux machines... > > If you're that bothered about security then pserver is the *worst* > protocol to choose as the passwords are trivially decrypted. Kerberos > or SSH are needed for that level of security. Any pointer on a tutorial to set this up using SSH? > sspi is a good middle > ground - you can in theory crack the NT passwords (they're MD5'd I > believe) but it would take a couple of weeks on a fast machine > provided you don't use passwords that aren't susceptible to a > dictionary attack. So, if I use ntserver protocol the passwords are sent in a better encrypted way than when using pserver protocol? But can I still access the repository from a Linux machine if I choose to use ntserver protocol? > Users can set their own passwords using 'cvs passwd'. OK! Thanks a lot for all your help! Koen _______________________________________________ Cvsnt mailing list [EMAIL PROTECTED] http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
