On 2008-01-02, at 18:21, Michael G Schwern wrote:
demerphq wrote:
Yet... I really don't want to see passwords, even insecure ones,
accidentally.
Hooray for SSH agent forwarding!
Now somebody's going to tell me why that's hateful.
Um.
Let me think.
Detached screen sessions?
OK, weak, but
demerphq wrote:
> Yet... I really don't want to see passwords, even insecure ones, accidentally.
Hooray for SSH agent forwarding!
Now somebody's going to tell me why that's hateful.
--
If at first you don't succeed--you fail.
-- "Portal" demo
Yet... I really don't want to see passwords, even insecure ones,
accidentally.
xor them with "Squeamish Ossifrage".
On 02/01/2008, Martin Ebourne wrote:
> demerphq wrote:
> > Its not a security thing IMO. Its a peace-of-mind thing. Any syadmin
> > can easily *deliberately* find out a users password in such a system,
> > cleartext or base64 or rot13. But what Base64 does that rot13 barely
> > does which clearte
demerphq wrote:
Its not a security thing IMO. Its a peace-of-mind thing. Any syadmin
can easily *deliberately* find out a users password in such a system,
cleartext or base64 or rot13. But what Base64 does that rot13 barely
does which cleartext does not is prevent sysadmins from accidentally
see
On 02/01/2008, Martin Ebourne wrote:
> b...@cpan.org wrote:
> >> I say better clear text than rot-13. Unless it has passwords properly
> >> encrypted with a master password, and associated session management (which
> >> would be nice, but as far as I know no-one has implemented this for svn
> >> y
On 2008-01-02 at 12:12 +0100, b...@cpan.org wrote:
> On Wed, Jan 02, 2008 at 10:56:27AM +, Martin Ebourne wrote:
> > Aristotle Pagaltzis wrote:
> >> Which is reasonably doable without the aid of tools, because you
> >> can easily inspect these files: Subversion stores *everything*,
> >> and th
b...@cpan.org wrote:
I say better clear text than rot-13. Unless it has passwords properly
encrypted with a master password, and associated session management (which
would be nice, but as far as I know no-one has implemented this for svn
yet), clear text seems to be the best choice.
Firefox and
On Wed, Jan 02, 2008 at 10:56:27AM +, Martin Ebourne wrote:
> Aristotle Pagaltzis wrote:
>> Which is reasonably doable without the aid of tools, because you
>> can easily inspect these files: Subversion stores *everything*,
>> and that includes the passwords, in pure, untarnished clear text.
>
On 2008-01-02 at 11:32 +0100, Aristotle Pagaltzis wrote:
> Which is reasonably doable without the aid of tools, because you
> can easily inspect these files: Subversion stores *everything*,
> and that includes the passwords, in pure, untarnished clear text.
>
> A marvel.
>
> That anyone ever thou
Aristotle Pagaltzis wrote:
Which is reasonably doable without the aid of tools, because you
can easily inspect these files: Subversion stores *everything*,
and that includes the passwords, in pure, untarnished clear text.
I say better clear text than rot-13. Unless it has passwords properly
If you stopped reading after the first word in the subject, you
took a pretty sensible decision. Anyway, so:
Subversion only stores auth credentials you supply on the command
line if it used them successfully. If the server refused a
request for some reason, it won't store the credentials. If the
12 matches
Mail list logo