On Mon, Mar 11, 2002 at 09:48:01AM -0600, hanasaki wrote: > I have heard that pserver is not secure. Is this due to plaintext > passwd on the net or exploits? How can it be secured? How can the > client and server be configured to run over SSL (Win and Lin)?
It is because of plain text passwords. Anonymous CVS over pserver is perfectly fine though (unless of course the contents of your repo need to be secured against plain text transmission aswell). I strongly suggest using CVS over SSH. It's easy to setup. Just make sure the server that your CVS repo is on has sshd installed. Then on the client do: export CVS_RSH=ssh cvs -d :ext:<username>@cvs.server.com:/repo co myproj Then, you can work as you normally would, had you used pserver. If you want to avoid having to type your SSH passphrase for every access to the server, then I suggest using ssh-agent. -- .----------=======-=-======-=========-----------=====------------=-=-----. / Ben Collins -- Debian GNU/Linux -- WatchGuard.com \ ` [EMAIL PROTECTED] -- [EMAIL PROTECTED] ' `---=========------=======-------------=-=-----=-===-======-------=--=---'