>>>>> "NLY" == Noel L Yap <[EMAIL PROTECTED]> writes: NLY> over to the server for its use. Server CVS will still run as the NLY> server user but will record the client username within its logs. NLY> For example, if I am nyap on the client and I set NLY> CVSROOT=cvsuser@cvsserver:/home/cvsgroup/.cvsroot, I will be NLY> cvsuser on host cvsserver, but CVS will know me as nyap (ie it'll NLY> log my actions as nyap). Wouldn't it be slightly more convenient if you would have to set CVSROOT=nyap@cvsserver:/home/cvsgroup/.cvsroot and let the server itself think about cvsuser? NLY> Now, about security, cvsuser will need access to the repository. NLY> nyap will need valid keys to become cvsuser. If nyap gives those NLY> keys away, others will be able to act as cvsuser (unless the keys If nyap gives those keys away, others should be able to act only as nyap. If single cvs user compromise compromises entire repository -- that's not an option. And I propose that if nyap has valid keys, he will become nyap, and not `cvsuser' or anything else. This simplifies things a lot. Surely, he _will_ become `cvsuser' on server machine, but we just don't think about it now... NLY> are limited to use by nyap (SSH currently doesn't have such an NLY> option 'cos the server can't guarantee that the username info NLY> sent by the client is valid)). I have to study ssh manuals to competently speak about `keys', as I effectively almost always speak about `passwords'. Sorry, maybe then I will change my mind. --alexm
- Re: Proposal: have client CVS send remote username to serv... Derek R. Price
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote usernam... Derek R. Price
- Re: Proposal: have client CVS send remote use... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to serv... Derek R. Price
- Re: Proposal: have client CVS send remote username to serv... Derek R. Price
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap