[EMAIL PROTECTED] on 06/06/2000 08:50:18 PM >[ On Tuesday, June 6, 2000 at 16:02:17 (-0400), Noel L Yap wrote: ] >> Subject: Re: SRP implementation in CVS >> >> On one hand I'd like to keep CVS minimal. OTOH, I'd like to minimize the >> involvement of sysadmins. Perhaps SSH or a cvs wrapper /is/ solution to both >> problems (eg have read-only users SSH into one read-only CVS account in which >> they can only do "cvs server" or have something else do the authentication). >> I'm not completely convinced yet; I'll have to analyze it a bit more. > >So long as any wrapper system that doesn't use system accounts is kept >completely separate from CVS it'll be hard to blame CVS for the lack of >accountability such a system inherently introduces... :-) OK, I've thought about this a bit more. The thing I like about pserver is the fact that users can be mapped to system users and CVS records the non-system users. I haven't found a way to do this using SSH. However, if SSH were changed to set an environment variable to the remote user, the CVS server could be changed to use this info. SSH would then become an authentication agent in this scenario. Also, if SSH were enhanced to support SRP, the task of key maintenance goes away. Noel This communication is for informational purposes only. It is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. All market prices, data and other information are not warranted as to completeness or accuracy and are subject to change without notice. Any comments or statements made herein do not necessarily reflect those of J.P. Morgan & Co. Incorporated, its subsidiaries and affiliates.
