How to make password to store in Encrypted format
How to make password to store in Encrypted format When I checkout a code i got the following message. I was searching in the net, I couldn't locate a proper document to avoid/configure svn password locally encrypted. Any help in this regard is highly appreciated. Thanks, Wang,bin --- ATTENTION! Your password for authentication realm: < <http://someservername:3690%3e/> http://someservername:3690> Test Project SVN can only be stored to disk unencrypted! You are advised to configure your system so that Subversion can store passwords encrypted, if possible. See the documentation for details. You can avoid future appearances of this warning by setting the value of the 'store-plaintext-passwords' option to either 'yes' or 'no' in '/home/AdmUsr/.subversion/servers'. ---
RE: How to make password to store in Encrypted format
> How to make password to store in Encrypted format > > When I checkout a code i got the following message. I was searching in the > net, I couldn't locate a proper document to avoid/configure svn password > locally encrypted. Any help in this regard is highly appreciated. > > Thanks, > Wang,bin > > --- > ATTENTION! Your password for authentication realm: > > <http://someservername:3690> Test Project SVN > > can only be stored to disk unencrypted! You are advised to configure your > system so that Subversion can store passwords encrypted, if possible. See > the documentation for details. > > You can avoid future appearances of this warning by setting the value of the > 'store-plaintext-passwords' option to either 'yes' or 'no' in > '/home/AdmUsr/.subversion/servers'. > --- Did you " See the documentation for details."??? " For other Unix-like operating systems, no single standard “keychain” service exists. However, the Subversion client knows how to store passwords securely using the “GNOME Keyring” and “KDE Wallet” services. Also, before storing unencrypted passwords in the ~/.subversion/auth/ caching area, the Subversion client will ask the user for permission to do so. Note that the auth/ caching area is still permission-protected so that only the user (owner) can read data from it, not the world at large. The operating system's own file permissions protect the passwords from other non-administrative users on the same system, provided they have no direct physical access to the storage media of the home directory, or backups thereof." http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.serverconfig.netmodel.creds BOb
Re: How to make password to store in Encrypted format
On Tue, Sep 20, 2011 at 7:03 AM, Bob Archer wrote: > > How to make password to store in Encrypted format > > > > When I checkout a code i got the following message. I was searching in > the > > net, I couldn't locate a proper document to avoid/configure svn password > > locally encrypted. Any help in this regard is highly appreciated. > > > > Thanks, > > Wang,bin > > > > > --- > > ATTENTION! Your password for authentication realm: > > > ><http://someservername:3690> Test Project SVN > > > > can only be stored to disk unencrypted! You are advised to configure your > > system so that Subversion can store passwords encrypted, if possible. See > > the documentation for details. > > > > You can avoid future appearances of this warning by setting the value of > the > > 'store-plaintext-passwords' option to either 'yes' or 'no' in > > '/home/AdmUsr/.subversion/servers'. > > > --- > > Did you " See the documentation for details."??? > > " For other Unix-like operating systems, no single standard “keychain” > service exists. However, the Subversion client knows how to store passwords > securely using the “GNOME Keyring” and “KDE Wallet” services. Also, before > storing unencrypted passwords in the ~/.subversion/auth/ caching area, the > Subversion client will ask the user for permission to do so. Note that the > auth/ caching area is still permission-protected so that only the user > (owner) can read data from it, not the world at large. The operating > system's own file permissions protect the passwords from other > non-administrative users on the same system, provided they have no direct > physical access to the storage media of the home directory, or backups > thereof." > > > http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.serverconfig.netmodel.creds > > BOb > > Wang, For the record we're running Ubuntu Server 10.04LTS and it has no desktop GUI and I was not able to figure out how to use either gnome keyring or kde wallet services to store passwords encrypted. After about 8 to 12 hours of researching these methods and trying a variety of different things, I gave up and was never able to store encrypted passwords; we all have IDEs that store/send the password with each command and our SVN server is behind our Firewall on our LAN, so it isn't that big of a deal for us. They call it a "security improvement" for SVN 1.6 however it has resulted in our case as no security (for users SSH'd into the svn server) because implementing it a) is too cumbersome b) is beyond my skillset, or c) appears to rely on a desktop UI There appears to be some command-line ways of getting this functionality, and here some posts about it... http://stackoverflow.com/questions/3824513/svn-encrypted-password-store http://blogs.collab.net/subversion/2009/07/subversion-16-security-improvements/ http://subversion.open.collab.net/ds/viewMessage.do?dsMessageId=325647&dsForumId=3 Probably the best bet is outlined here http://superuser.com/questions/186575/whats-the-best-way-to-store-an-encrypted-svn-password-on-ubuntu-server or here http://blesseddlo.wordpress.com/2010/09/13/subversion-passwords-encrypted-with-gnome-keyring/ but I wasn't able to get it working. Sorry; wish I had a better reply for you. Good luck -
Re: How to make password to store in Encrypted format
> > > On Tue, Sep 20, 2011 at 7:03 AM, Bob Archer wrote: > >> > How to make password to store in Encrypted format >> > >> > When I checkout a code i got the following message. I was searching in >> the >> > net, I couldn't locate a proper document to avoid/configure svn password >> > locally encrypted. Any help in this regard is highly appreciated. >> > >> > Thanks, >> > Wang,bin >> > >> > >> --- >> > ATTENTION! Your password for authentication realm: >> > >> ><http://someservername:3690> Test Project SVN >> > >> > can only be stored to disk unencrypted! You are advised to configure >> your >> > system so that Subversion can store passwords encrypted, if possible. >> See >> > the documentation for details. >> > >> > You can avoid future appearances of this warning by setting the value of >> the >> > 'store-plaintext-passwords' option to either 'yes' or 'no' in >> > '/home/AdmUsr/.subversion/servers'. >> > >> --- >> >> Did you " See the documentation for details."??? >> >> " For other Unix-like operating systems, no single standard “keychain” >> service exists. However, the Subversion client knows how to store passwords >> securely using the “GNOME Keyring” and “KDE Wallet” services. Also, before >> storing unencrypted passwords in the ~/.subversion/auth/ caching area, the >> Subversion client will ask the user for permission to do so. Note that the >> auth/ caching area is still permission-protected so that only the user >> (owner) can read data from it, not the world at large. The operating >> system's own file permissions protect the passwords from other >> non-administrative users on the same system, provided they have no direct >> physical access to the storage media of the home directory, or backups >> thereof." >> >> >> http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.serverconfig.netmodel.creds >> >> BOb >> >> > > Wang, > > For the record we're running Ubuntu Server 10.04LTS and it has no desktop > GUI and I was not able to figure out how to use either gnome keyring or kde > wallet services to store passwords encrypted. After about 8 to 12 hours of > researching these methods and trying a variety of different things, I gave > up and was never able to store encrypted passwords; we all have IDEs that > store/send the password with each command and our SVN server is behind our > Firewall on our LAN, so it isn't that big of a deal for us. > > They call it a "security improvement" for SVN 1.6 however it has resulted > in our case as no security (for users SSH'd into the svn server) because > implementing it > a) is too cumbersome > b) is beyond my skillset, or > c) appears to rely on a desktop UI > > There appears to be some command-line ways of getting this functionality, > and here some posts about it... > > http://stackoverflow.com/questions/3824513/svn-encrypted-password-store > > > http://blogs.collab.net/subversion/2009/07/subversion-16-security-improvements/ > > > http://subversion.open.collab.net/ds/viewMessage.do?dsMessageId=325647&dsForumId=3 > > Probably the best bet is outlined here > > http://superuser.com/questions/186575/whats-the-best-way-to-store-an-encrypted-svn-password-on-ubuntu-server > or here > > http://blesseddlo.wordpress.com/2010/09/13/subversion-passwords-encrypted-with-gnome-keyring/ > but I wasn't able to get it working. > > Sorry; wish I had a better reply for you. > Good luck - > Here is another thread that looks helpful http://subversion.open.collab.net/ds/viewMessage.do?dsForumId=3&dsMessageId=393815
